CVE-2007-6365

CVE-2007-6365 describes a cross-site scripting (XSS) vulnerability in the Event Calendar component of bcoos 1.0.10, specifically in modules/ecal/display.php, where an attacker can inject arbitrary script or HTML via the month parameter. The affected product is bcoos 1.0.10; the issue is a client-...