Vulnerability Details CVE-2022-4455
A vulnerability, which was classified as problematic, was found in sproctor php-calendar. This affects an unknown part of the file index.php. The manipulation of the argument $_SERVER['PHP_SELF'] leads to cross site scripting. It is possible to initiate the attack remotely. The name of the patch is a2941109b42201c19733127ced763e270a357809. It is recommended to apply a patch to fix this issue. The identifier VDB-215445 was assigned to this vulnerability.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 22.6%
CVSS Severity
CVSS v3 Score 3.5
References
Products affected by CVE-2022-4455
-
cpe:2.3:a:php-calendar:php-calendar:-
-
cpe:2.3:a:php-calendar:php-calendar:0.1
-
cpe:2.3:a:php-calendar:php-calendar:0.10
-
cpe:2.3:a:php-calendar:php-calendar:0.2
-
cpe:2.3:a:php-calendar:php-calendar:0.3
-
cpe:2.3:a:php-calendar:php-calendar:0.4
-
cpe:2.3:a:php-calendar:php-calendar:0.5
-
cpe:2.3:a:php-calendar:php-calendar:0.6
-
cpe:2.3:a:php-calendar:php-calendar:0.7
-
cpe:2.3:a:php-calendar:php-calendar:0.8
-
cpe:2.3:a:php-calendar:php-calendar:0.9
-
cpe:2.3:a:php-calendar:php-calendar:0.9.1
-
cpe:2.3:a:php-calendar:php-calendar:2015-12-04