Webcalendar Project: >> Webcalendar >> 1.2.7 Security Vulnerabilities
Cross-site scripting vulnerability in WebCalendar 1.2.7 and earlier allows an attacker to inject arbitrary web script or HTML via unspecified vectors.
CVSS Score
6.1
EPSS Score
0.002
Published
2017-08-29
Directory traversal vulnerability in WebCalendar 1.2.7 and earlier allows authenticated attackers to read arbitrary files via unspecified vectors.
CVSS Score
4.9
EPSS Score
0.022
Published
2017-08-29