Multiple cross-site scripting (XSS) vulnerabilities in tmpl/layout_editevent.php in the Multi Calendar (com_multicalendar) component 4.0.2, and possibly 4.8.5 and earlier, for Joomla! allow remote attackers to inject arbitrary web script or HTML via the (1) calid or (2) paletteDefault parameter in an editevent action to index.php.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2014-03-19T14:00:00
Updated: 2017-08-28T12:57:01
Reserved: 2013-09-27T00:00:00
Link: CVE-2013-5953
JSON object: View
NVD Information
Status : Modified
Published: 2014-03-19T14:17:44.947
Modified: 2017-08-29T01:33:53.607
Link: CVE-2013-5953
JSON object: View
Redhat Information
No data.
CWE