CVE-2006-0180 Information

Description

Cross-site scripting (XSS) vulnerability in CaLogic Calendars 1.2.2 allows remote attackers to inject arbitrary web script or HTML via the Title field on the \Adding New Event\ page and possibly other vectors involving iframe tags.

Reference

http://evuln.com/vulns/24/summary.html http://secunia.com/advisories/18417 http://www.osvdb.org/22322 http://www.securityfocus.com/archive/1/422163/100/0/threaded http://www.securityfocus.com/bid/16206 http://www.vupen.com/english/advisories/2006/0149 https://exchange.xforce.ibmcloud.com/vulnerabilities/24077