Cross-site scripting (XSS) vulnerability in plugins/calendar/calendar_backend.php in MyioSoft EasyCalendar 4.0tr and earlier allows remote attackers to inject arbitrary web script or HTML via the day parameter in a dayview action.
CPE | Name | Operator | Version |
---|---|---|---|
easycalendar | eq | 4.0.0-tr |