NuytsTech Security

CVE-2014-7291

by ·

Multiple cross-site scripting (XSS) vulnerabilities in api_events.php in Springshare LibCal 2.0 allow remote attackers to inject arbitrary web script or HTML via the (1) m or (2) cid parameter.

Date published : 2014-12-01

http://seclists.org/fulldisclosure/2014/Nov/90

http://tetraph.com/security/cves/cve-2014-7291-springshare-libcal-xss-cross-site-scripting-vulnerability/

Tags: