Lucene search

PRIOn knowledge basePRION:CVE-2012-0846

HistoryOct 08, 2012 - 8:55 p.m.

Cross site scripting

2012-10-0820:55:00

PRIOn knowledge base

www.prio-n.com

5.8 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

71.6%

JSON

Cross-site scripting (XSS) vulnerability in Craig Knudsen WebCalendar 1.2.4 allows remote attackers to inject arbitrary web script or HTML via the Location variable.

CPENameOperatorVersion
webcalendareq1.2.4

CPE	Name	Operator	Version
	webcalendar	eq	1.2.4

References

archives.neohapsis.com/archives/bugtraq/2012-01/0129.html

sourceforge.net/tracker/?func=detail&aid=3472745&group_id=3870&atid=103870

sourceforge.net/tracker/?func=detail&aid=3488543&group_id=3870&atid=303870

www.openwall.com/lists/oss-security/2012/02/11/2

www.openwall.com/lists/oss-security/2012/02/12/1

www.openwall.com/lists/oss-security/2012/02/12/3

www.openwall.com/lists/oss-security/2012/02/13/6

www.securityfocus.com/bid/51600

exchange.xforce.ibmcloud.com/vulnerabilities/72563