CVE-2014-7291

CVE-2014-7291

EPSS 1.1%

Multiple cross-site scripting (XSS) vulnerabilities in api_events.php in Springshare LibCal 2.0 allow remote attackers to inject arbitrary web script or HTML via the (1) m or (2) cid parameter.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://seclists.org/fulldisclosure/2014/Nov/90 https://exchange.xforce.ibmcloud.com/vulnerabilities/99000 http://tetraph.com/security/cves/cve-2014-7291-springshare-libcal-xss-cross-site-scripting-vulnerability/