Description - Multiple XSS Vulnerabilities in CaLogic Calendars

Cross Site Scripting found in CaLogic Calendars script.

Exploit
Available
Solution
Not available - check vendor's website

Most of user-defined variables are not properly sanitized. Most user data may contain html tags. Tag <script> is replaced by < script > But this is not enought to prevent posting a script code. User data may contain <iframe> tag.

This can be used to post arbitrary html or script code which will be executed by browser of every visitor.

Order Source Code Test

Defend against hacker attacks by source code audit of your site made by our team.The order will be done by experts in web security.

Advisories by vuln type