3 matches found
[SECURITY] [DSA 1279-1] New webcalendar packages fix cross-site scripting
-------------------------------------------------------------------------- Debian Security Advisory DSA 1279-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff April 22nd, 2007 http://www.debian.org/security/faq -...
CVE-2006-6669
Cross-site scripting XSS vulnerability in exporthandler.php in WebCalendar 1.0.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the format parameter...
CVE-2006-6669
WebCalendar (v1.0.4 and earlier) is affected by a cross-site scripting (XSS) flaw in export_handler.php that allows an attacker to inject arbitrary script/HTML via the format parameter. The issue has been publicly documented (e.g., CVE-2006-6669; Debian DSA-1279-1) with Debian advising upgrades t...