AI Score
Confidence
High
EPSS
Percentile
94.3%
Cross-site scripting vulnerability in calendar.php in ExtCalendar 1.0 and possibly other versions before 2.0 allows remote attackers to inject arbitrary web script or HTML via the (1) year, (2) month, (3) next, and (4) prev parameters.
secunia.com/advisories/19321
securityreason.com/securityalert/601
www.osvdb.org/23969
www.securityfocus.com/archive/1/428131/100/0/threaded
www.securityfocus.com/bid/17146
www.vupen.com/english/advisories/2006/1012
exchange.xforce.ibmcloud.com/vulnerabilities/25350