RSS   Podatności dla 'Php event calendar'   RSS

2021-11-08
 
CVE-2021-42078

CWE-79
 

 
PHP Event Calendar through 2021-11-04 allows persistent cross-site scripting (XSS), as demonstrated by the /server/ajax/events_manager.php title parameter. This can be exploited by an adversary in multiple ways, e.g., to perform actions on the page in the context of other users, or to deface the site.

 


Copyright 2024, cxsecurity.com

 

Back to Top