CVE-2006-4206 Information

Description

Cross-site scripting (XSS) vulnerability in calendar.asp in ASPPlayground.NET Forum Advanced Edition 2.4.5 Unicode and possibly other versions before October 15 2006 allows remote attackers to inject arbitrary web script or HTML via the calendarID parameter.

Reference

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-4206 http://securityreason.com/securityalert/1405 http://www.osvdb.org/29232 http://www.securityfocus.com/archive/1/443035/100/0/threaded http://www.securityfocus.com/bid/20335 https://exchange.xforce.ibmcloud.com/vulnerabilities/28352