CVE-2005-4327 Information

Description

Multiple cross-site scripting (XSS) vulnerabilities in Michael Arndt WebCal 1.11-3.04 allow remote attackers to inject arbitrary web script or HTML via the (1) function (2) year and (3) date parameters to webcal.cgi (4) new calendar entries and (5) notes for entries.

Reference

http://secunia.com/advisories/18017 http://securityreason.com/securityalert/267 http://www.securityfocus.com/archive/1/419655/100/0/threaded http://www.securityfocus.com/bid/15917