5.8 Medium
AI Score
Confidence
High
0.003 Low
EPSS
Percentile
71.5%
Cross-site scripting (XSS) vulnerability in Codewalkers ltwCalendar (aka PHP Event Calendar) before 4.2.1 allows remote attackers to inject arbitrary HTML or web script via unknown vectors.
ltwcalendar.sourceforge.net/changelog.php