VYPR

Craigk5n/webcalendar

by Craigk5n

Source repositories

CVEs (3)

  • CVE-2017-10841MedAug 29, 2017
    risk 0.32cvss 4.9epss 0.02

    Directory traversal vulnerability in WebCalendar 1.2.7 and earlier allows authenticated attackers to read arbitrary files via unspecified vectors.

  • CVE-2024-1097Nov 15, 2024
    risk 0.00cvss epss 0.00

    A stored cross-site scripting (XSS) vulnerability exists in craigk5n/webcalendar version 1.3.0. The vulnerability occurs in the 'Report Name' input field while creating a new report. An attacker can inject malicious scripts, which are then executed in the context of other users…

  • CVE-2023-0289Jan 13, 2023
    risk 0.00cvss epss 0.01

    Cross-site Scripting (XSS) - Stored in GitHub repository craigk5n/webcalendar prior to master.