PHP iCalendar rss/index.php cal Variable XSS

2006-06-28T08:34:03
ID OSVDB:26906
Type osvdb
Reporter OSVDB
Modified 2006-06-28T08:34:03

Description

Manual Testing Notes

http://[target]/phpicalendar/rss/index.php?cal=[XSS]

References:

Secunia Advisory ID:20883 Other Advisory URL: http://kurdishsecurity.blogspot.com/2006/06/kurdish-security-12-php-icalendar.html Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2006-06/0604.html FrSIRT Advisory: ADV-2006-2597 CVE-2006-3319