RSS   Vulnerabilities for 'Calendar'   RSS

2009-09-10
 
CVE-2009-3157

CWE-79
 

 
Cross-site scripting (XSS) vulnerability in the Calendar module 6.x before 6.x-2.2 for Drupal allows remote authenticated users, with "create new content types" privileges, to inject arbitrary web script or HTML via the title of a content type.

 

 >>> Vendor: Karen stevenson 3 Products
CCK
DATE
Calendar


Copyright 2019, cxsecurity.com

 

Back to Top