CVE-2012-0846
published 2012-10-08CVE-2012-0846: Cross-site scripting (XSS) vulnerability in Craig Knudsen WebCalendar 1.2.4 allows remote attackers to inject arbitrary web script or HTML via the Location…
PriorityP418medium4.3CVSS 2.0
AVNACMAuNCNIPAN
EPSS
1.69%
74.2th percentile
Cross-site scripting (XSS) vulnerability in Craig Knudsen WebCalendar 1.2.4 allows remote attackers to inject arbitrary web script or HTML via the Location variable.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| k5n | webcalendar | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-rr66-pqp9-7m9f: Cross-site scripting (XSS) vulnerability in Craig Knudsen WebCalendar 1
ghsa_unreviewed·2022-05-17
CVE-2012-0846 [MEDIUM] CWE-79 GHSA-rr66-pqp9-7m9f: Cross-site scripting (XSS) vulnerability in Craig Knudsen WebCalendar 1
Cross-site scripting (XSS) vulnerability in Craig Knudsen WebCalendar 1.2.4 allows remote attackers to inject arbitrary web script or HTML via the Location variable.
GHSA
GHSA-6q3q-3c99-2m5v: Multiple cross-site scripting (XSS) vulnerabilities in Craig Knudsen WebCalendar allow remote attackers to inject arbitrary web script or HTML via the
ghsa_unreviewed·2022-05-13·CVSS 4.3
CVE-2012-5384 [MEDIUM] CWE-79 GHSA-6q3q-3c99-2m5v: Multiple cross-site scripting (XSS) vulnerabilities in Craig Knudsen WebCalendar allow remote attackers to inject arbitrary web script or HTML via the
Multiple cross-site scripting (XSS) vulnerabilities in Craig Knudsen WebCalendar allow remote attackers to inject arbitrary web script or HTML via the (1) $name or (2) $description variables in edit_entry_handler.php, or (3) $url, (4) $tempfullname, or (5) $ext_users[] variables in view_entry.php, different vectors than CVE-2012-0846.
No detection rules found.
No public exploits indexed.
http://archives.neohapsis.com/archives/bugtraq/2012-01/0129.htmlhttp://sourceforge.net/tracker/?func=detail&aid=3472745&group_id=3870&atid=103870http://sourceforge.net/tracker/?func=detail&aid=3488543&group_id=3870&atid=303870http://www.openwall.com/lists/oss-security/2012/02/11/2http://www.openwall.com/lists/oss-security/2012/02/12/1http://www.openwall.com/lists/oss-security/2012/02/12/3http://www.openwall.com/lists/oss-security/2012/02/13/6http://www.securityfocus.com/bid/51600https://exchange.xforce.ibmcloud.com/vulnerabilities/72563http://archives.neohapsis.com/archives/bugtraq/2012-01/0129.htmlhttp://sourceforge.net/tracker/?func=detail&aid=3472745&group_id=3870&atid=103870http://sourceforge.net/tracker/?func=detail&aid=3488543&group_id=3870&atid=303870http://www.openwall.com/lists/oss-security/2012/02/11/2http://www.openwall.com/lists/oss-security/2012/02/12/1http://www.openwall.com/lists/oss-security/2012/02/12/3http://www.openwall.com/lists/oss-security/2012/02/13/6http://www.securityfocus.com/bid/51600https://exchange.xforce.ibmcloud.com/vulnerabilities/72563
2012-10-08
Published