Unrated severityNVD Advisory· Published Apr 12, 2005· Updated Jun 16, 2026
CVE-2005-1146
CVE-2005-1146
Description
NOTE: this issue has been disputed by the vendor. Cross-site scripting (XSS) vulnerability in the login command in calendar.pl in CalendarScript 3.21 allows remote attackers to inject arbitrary web script or HTML via the username parameter, a different vulnerability than CVE-2005-1145
Affected products
2cpe:2.3:a:calendarscript:calendarscript:3.20:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:calendarscript:calendarscript:3.20:*:*:*:*:*:*:*
- (no CPE)range: = 3.21
Patches
Vulnerability mechanics
References
3- securitytracker.com/idnvdVendor Advisory
- www.snkenjoi.com/secadv/secadv3.txtnvdVendor Advisory
- exchange.xforce.ibmcloud.com/vulnerabilities/20103nvd
News mentions
0No linked articles in our index yet.