oss-sec mailing list archives
CVE for XSS in EasyPHPCalender script
From: Anant Shrivastava <anant () anantshri info>
Date: Sat, 13 Apr 2013 05:17:39 +0530
Hi Team, can i please have a CVE for this issues http://www.easyphpcalendar.com/forums/showthread.php?p=45554#post45554 technical details are not issued however the two issues are pertaining to XSS in following two files in the package. index.php datePicker.php This issue affect both free version i.e. version 6. as well as commerical version < 7.0.13 Changelog visible here for v7 : http://docs7.easyphpcalendar.com/source/ChangeLog/changeLog.htm for v6 patch is listed here :http://www.easyphpcalendar.com/v6download.php as Security Patch - Released April 9, 2013<http://www.easyphpcalendar.com/files/EPC6Patch.zip> Thanks in advance. -Anant
Current thread:
- CVE for XSS in EasyPHPCalender script Anant Shrivastava (Apr 12)
- Re: CVE for XSS in EasyPHPCalender script Kurt Seifried (Apr 16)