FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

WebCalendar -- Persistent XSS

Affected packages
		WebCalendar	<=	1.2.4
		WebCalendar-devel	<=	1.2.4

Details

VuXML ID	2b20fd5f-552e-11e1-9fb7-003067b2972c
Discovery	2012-01-11
Entry	2012-02-12
Modified	2012-02-13

tom reports,

There is no sanitation on the input of the location variable allowing for persistent XSS.

[source]

References

CVE Name	CVE-2012-0846
URL	http://sourceforge.net/tracker/?func=detail&aid=3472745&group_id=3870&atid=103870

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.