4.3
CVE-2004-1506
- EPSS 0.41%
- Veröffentlicht 31.12.2004 05:00:00
- Zuletzt bearbeitet 03.04.2025 01:03:51
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginMultiple cross-site scripting (XSS) vulnerabilities in WebCalendar allow remote attackers to inject arbitrary web script via (1) view_entry.php, (2) view_d.php, (3) usersel.php, (4) datesel.php, (5) trailer.php, or (6) styles.php, as demonstrated using img srg tags.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Webcalendar ≫ Webcalendar Version0.9.8
Webcalendar ≫ Webcalendar Version0.9.11
Webcalendar ≫ Webcalendar Version0.9.15
Webcalendar ≫ Webcalendar Version0.9.16
Webcalendar ≫ Webcalendar Version0.9.19
Webcalendar ≫ Webcalendar Version0.9.20
Webcalendar ≫ Webcalendar Version0.9.21
Webcalendar ≫ Webcalendar Version0.9.22
Webcalendar ≫ Webcalendar Version0.9.23
Webcalendar ≫ Webcalendar Version0.9.24
Webcalendar ≫ Webcalendar Version0.9.25
Webcalendar ≫ Webcalendar Version0.9.26
Webcalendar ≫ Webcalendar Version0.9.27
Webcalendar ≫ Webcalendar Version0.9.28
Webcalendar ≫ Webcalendar Version0.9.29
Webcalendar ≫ Webcalendar Version0.9.30
Webcalendar ≫ Webcalendar Version0.9.31
Webcalendar ≫ Webcalendar Version0.9.32
Webcalendar ≫ Webcalendar Version0.9.33
Webcalendar ≫ Webcalendar Version0.9.34
Webcalendar ≫ Webcalendar Version0.9.35
Webcalendar ≫ Webcalendar Version0.9.36
Webcalendar ≫ Webcalendar Version0.9.37
Webcalendar ≫ Webcalendar Version0.9.38
Webcalendar ≫ Webcalendar Version0.9.39
Webcalendar ≫ Webcalendar Version0.9.40
Webcalendar ≫ Webcalendar Version0.9.41
Webcalendar ≫ Webcalendar Version0.9.42
Webcalendar ≫ Webcalendar Version0.9.43
Webcalendar ≫ Webcalendar Version0.9.44
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.41% | 0.583 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4.3 | 8.6 | 2.9 |
AV:N/AC:M/Au:N/C:N/I:P/A:N
|