CVE-2006-0180

2006-01-1211:00:00

mitre

www.cve.org

AI Score

5.8

Confidence

High

EPSS

0.011

Percentile

84.5%

JSON

Cross-site scripting (XSS) vulnerability in CaLogic Calendars 1.2.2 allows remote attackers to inject arbitrary web script or HTML via the Title field on the “Adding New Event” page, and possibly other vectors, involving iframe tags.

References

evuln.com/vulns/24/summary.html

secunia.com/advisories/18417

www.osvdb.org/22322

www.securityfocus.com/archive/1/422163/100/0/threaded

www.securityfocus.com/bid/16206

www.vupen.com/english/advisories/2006/0149

exchange.xforce.ibmcloud.com/vulnerabilities/24077