CVE-2017-9420

CVE-2017-9420

EPSS 1.3%

Cross site scripting (XSS) vulnerability in the Spiffy Calendar plugin before 3.3.0 for WordPress allows remote attackers to inject arbitrary JavaScript via the yr parameter.

Produtos afetados

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

http://spiffycalendar.sunnythemes.com/version-3-3-0/https://wpvulndb.com/vulnerabilities/8842 http://www.securityfocus.com/bid/98931