VYPR
Unrated severityNVD Advisory· Published Dec 17, 2009· Updated Jun 16, 2026

CVE-2009-4336

CVE-2009-4336

Description

Cross-site scripting (XSS) vulnerability in the Diocese of Portsmouth Calendar (pd_calendar) extension 0.4.1 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Affected products

3
  • cpe:2.3:a:simon_rundell:pd_calendar_today:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:simon_rundell:pd_calendar_today:*:*:*:*:*:*:*:*range: <=0.4.1
    • cpe:2.3:a:simon_rundell:pd_calendar_today:0.0.3:*:*:*:*:*:*:*
  • Range: <=0.4.1

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.