Medium severity6.1NVD Advisory· Published Aug 21, 2023· Updated Jun 17, 2026
CVE-2023-39543
CVE-2023-39543
Description
Cross-site scripting vulnerability in LuxCal Web Calendar prior to 5.2.3M (MySQL version) and LuxCal Web Calendar prior to 5.2.3L (SQLite version) allows a remote unauthenticated attacker to execute an arbitrary script on the web browser of the user who is using the product.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- Range: <5.2.3M (MySQL), <5.2.3L (SQLite)
<5.2.3M (MySQL), <5.2.3L (SQLite)+ 1 more
- (no CPE)range: <5.2.3M (MySQL), <5.2.3L (SQLite)
- (no CPE)range: prior to 5.2.3L (SQLite version)
Patches
Vulnerability mechanics
References
3- jvn.jp/en/jp/JVN04876736/nvdThird Party Advisory
- www.luxsoft.eunvdProduct
- www.luxsoft.eunvdProduct
News mentions
0No linked articles in our index yet.