Php-calendar - Php-calendar CVE

Filtered by vendor Php-calendar Subscribe

Filtered by product Php-calendar

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Total 1 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2017-6485	1 Php-calendar	1 Php-calendar	2017-03-07	4.3 MEDIUM	6.1 MEDIUM
A Cross-Site Scripting (XSS) issue was discovered in php-calendar before 2017-03-03. The vulnerability exists due to insufficient filtration of user-supplied data (errorMsg) passed to the "php-calendar-master/error.php" URL. An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable website.

Vulnerabilities (CVE)