Lucene search

K
freebsdFreeBSD2B20FD5F-552E-11E1-9FB7-003067B2972C
HistoryJan 11, 2012 - 12:00 a.m.

WebCalendar -- Persistent XSS

2012-01-1100:00:00
vuxml.freebsd.org
9

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

EPSS

0.003

Percentile

71.5%

tom reports,

There is no sanitation on the input of the location variable
allowing for persistent XSS.

OSVersionArchitecturePackageVersionFilename
FreeBSDanynoarchwebcalendar<= 1.2.4UNKNOWN
FreeBSDanynoarchwebcalendar-devel<= 1.2.4UNKNOWN

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

EPSS

0.003

Percentile

71.5%

Related for 2B20FD5F-552E-11E1-9FB7-003067B2972C