CVE-2009-0805
CVE-2009-0805 describes a cross-site scripting (XSS) vulnerability in piCal 0.91h and earlier , a XOOPS calendar module. The flaw allows remote attackers to inject arbitrary web script or HTML via the event_id parameter in index.php. Impact is arbitrary script execution in affected users’ browser...