Lucene search

K
cvelistMitreCVELIST:CVE-2012-5384
HistoryOct 03, 2022 - 4:15 p.m.

CVE-2012-5384

2022-10-0316:15:31
mitre
www.cve.org
1
webcalendar
xss vulnerabilities
remote code injection

AI Score

5.5

Confidence

High

EPSS

0.003

Percentile

71.5%

Multiple cross-site scripting (XSS) vulnerabilities in Craig Knudsen WebCalendar allow remote attackers to inject arbitrary web script or HTML via the (1) $name or (2) $description variables in edit_entry_handler.php, or (3) $url, (4) $tempfullname, or (5) $ext_users[] variables in view_entry.php, different vectors than CVE-2012-0846.

AI Score

5.5

Confidence

High

EPSS

0.003

Percentile

71.5%