Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
NOTE: this issue has been disputed by the vendor. Cross-site scripting (XSS) vulnerability in the login command in calendar.pl in CalendarScript 3.21 allows remote attackers to inject arbitrary web script or HTML via the username parameter, a different vulnerability than CVE-2005-1145
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
CalendarScript calendar.pl跨站脚本漏洞
Vulnerability Description
CalendarScript是一个基于Web的事件安排、管理、发布软件包。 ** 有争议 ** 注:此问题引起厂商争议。 CalendarScript 3.21的calendar.pl的登录命令中存在跨站脚本攻击(XSS)漏洞,远程攻击者可以通过用户名参数来注入任意web脚本或HTML。它是不同于CVE-2005-1145的漏洞。
CVSS Information
N/A
Vulnerability Type
N/A