NVD

Id
16032  
Name
CVE-2010-4794  
Description
Multiple cross-site scripting (XSS) vulnerabilities in the JoomlaSeller JS Calendar (com_jscalendar) component 1.5.1 and 1.5.4 for Joomla! allow remote attackers to inject arbitrary web script or HTML via the (1) month and (2) year parameters in a jscalendar action to index.php. NOTE: some of these details are obtained from third party information.  
Reject
 
CVSS Version
2  
CVSS Score
4.3  
Severity
Medium  
CVSS Base Score
4.3  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:N/I:P/A:N)  
Pub Date
2017-01-18  
Published
2011-04-26  
Modified Date
2011-09-21  
Seq
2010-4794  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
90665 16032 CVE-2010-4794 http://adv.salvatorefresta.net/JS_Calendar_1.5.1_Joomla_Component_Multiple_Remote_Vulnerabilities-09102010.txt  View
90666 16032 CVE-2010-4794 8223  View
90667 16032 CVE-2010-4794 15224  View
90668 16032 CVE-2010-4794 43902  View
90669 16032 CVE-2010-4794 jscalendar-index-xss(62378)  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
33763 JVNDB-2011-004005 Joomla! の com_jscalendar コンポーネントにおけるクロスサイトスクリプティング脆弱性 Joomla! の JoomlaSeller JS Calendar (com_jscalendar) コンポーネントには、クロスサイトスクリプティング脆弱性が存在します。 CVE-2010-4794 47374 CVE-2010-4794 16032 4.3 http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-004005.html 2011-04-26 2012-03-27 View