Lucene search
RedhatCVELIST:CVE-2011-4950HistoryAug 31, 2012 - 10:00 p.m.
CVE-2011-4950
2012-08-3122:00:00
redhat
www.cve.org
3
cross-site scripting
egroupware
remote attackers
arbitrary web script
html
lang parameter
Cross-site scripting (XSS) vulnerability in phpgwapi/js/jscalendar/test.php in EGroupware Enterprise Line (EPL) before 11.1.20110804-1 and EGroupware Community Edition before 1.8.001.20110805 allows remote attackers to inject arbitrary web script or HTML via the lang parameter.
References
comments.gmane.org/gmane.comp.web.egroupware.german/33144
packetstormsecurity.org/files/100180/eGroupware-1.8.001-Cross-Site-Scripting.html
www.autosectools.com/Advisory/eGroupware-1.8.001-Reflected-Cross-site-Scripting-178
www.egroupware.org/changelog
www.egroupware.org/epl-changelog
www.openwall.com/lists/oss-security/2012/03/29/1
www.openwall.com/lists/oss-security/2012/03/30/3
www.securityfocus.com/bid/52770
Related
nvd
nvd
CVE-2011-4950
2012-08-31 22:55:01
cve
cve
CVE-2011-4950
2012-08-31 22:55:01
prion
prion
Cross site scripting
2012-08-31 22:55:00
openvas
openvas
EGroupware Multiple Vulnerabilities (May 2011) - Active Check
2011-06-07 00:00:00