CVE-2006-0980 Information

Description

Multiple cross-site scripting (XSS) vulnerabilities in Jay Eckles CGI Calendar 2.7 allow remote attackers to inject arbitrary web script or HTML via the year parameter in (1) index.cgi and (2) viewday.cgi.

Reference

http://secunia.com/advisories/19066 http://www.securityfocus.com/archive/1/426198/100/0/threaded http://www.vupen.com/english/advisories/2006/0764 https://exchange.xforce.ibmcloud.com/vulnerabilities/24946