Description
Cross-site scripting (XSS) vulnerability in cal_make.pl in ACME PerlCal 2.99.20 allows remote attackers to inject arbitrary web script or HTML via the p0 parameter.
Affected products
- acme_labs / perlcal2.99 – 2.99
- acme_labs / perlcal2.99.20 – 2.99.20
- acme_labs / perlcal2.99.30 – 2.99.30
References
- MISChttp://www.securityfocus.com/bid/15779
- MISChttp://securitytracker.com/id?1015332
- MISChttp://www.osvdb.org/21540
- MISChttp://archives.neohapsis.com/archives/fulldisclosure/2005-12/0315.html
- VENDOR_ADVISORYhttp://secunia.com/advisories/17953
- VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2005/2810
- MISChttp://www.perlcal.com/calendar/docs/bugs.txt
- MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/23534