JVN#12124922: WEB SCHEDULE vulnerable to cross-site scripting

2017-01-06T00:00:00
ID JVN:12124922
Type jvn
Reporter Japan Vulnerability Notes
Modified 2017-01-06T00:00:00

Description

## Description

WEB SCHEDULE provided by Olive Design contains a cross-site scripting vulnerability (CWE-79) due to a flaw in processing the month parameter.

## Impact

An artbitrary script may be executed on the user's web browser.

## Solution

Do not use WEB SCHEDULE
WEB SCHEDULE is no longer being developed or maintained. It is recommended to stop using WEB SCHEDULE.

## Products Affected

  • WEB SCHEDULE