4 matches found
CVE-2008-2507
Cross-site scripting XSS vulnerability in Calcium40.pl in Brown Bear Software Calcium 3.10 and 4.0.4 allows remote attackers to inject arbitrary web script or HTML via the CalendarName parameter in a ShowIt action...
CVE-2008-2507
CVE-2008-2507 concerns a cross-site scripting (XSS) vulnerability in Brown Bear Software Calcium 3.10 and 4.0.4 (Calcium40.pl). The issue arises in the ShowIt action where user-supplied input in the CalendarName parameter can be manipulated to inject arbitrary web script or HTML. The available do...
Calcium web calendar: Reflected XSS
Vendor: Brown Bear Software Vendor web page: http://brownbearsw.com/ Product: Calcium web calendar Product web page: http://brownbearsw.com/calcium/WhatIsIt.html Vendor's Product Description: Calcium is a Web Calendar application. It will run on nearly any machine with a web server that can run...
brownbear-xss.txt
Vendor: Brown Bear Software Vendor web page: http://brownbearsw.com/ Product: Calcium web calendar Product web page: http://brownbearsw.com/calcium/WhatIsIt.html Vendor's Product Description: Calcium is a Web Calendar application. It will run on nearly any machine with a web server that can run...