NuytsTech Security

CVE-2005-1145

by ·

** DISPUTED **

NOTE: this issue has been disputed by the vendor.

Cross-site scripting (XSS) vulnerability in calendar.pl in CalendarScript 3.20 allows remote attackers to inject arbitrary web script or HTML via the template parameter, a different vulnerability than CVE-2005-1146.

Date published : 2005-04-16

http://www.snkenjoi.com/secadv/secadv3.txt

http://www.osvdb.org/15547

Tags: