NVD

Id
46568  
Name
CVE-2012-5384  
Description
Multiple cross-site scripting (XSS) vulnerabilities in Craig Knudsen WebCalendar allow remote attackers to inject arbitrary web script or HTML via the (1) $name or (2) $description variables in edit_entry_handler.php, or (3) $url, (4) $tempfullname, or (5) $ext_users[] variables in view_entry.php, different vectors than CVE-2012-0846.  
Reject
 
CVSS Version
2  
CVSS Score
4.3  
Severity
Medium  
CVSS Base Score
4.3  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:N/I:P/A:N)  
Pub Date
2017-01-19  
Published
2012-10-11  
Modified Date
2012-10-22  
Seq
2012-5384  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
233271 46568 CVE-2012-5384 http://sourceforge.net/projects/webcalendar/files/webcalendar%201.2/1.2.5/README.txt/download  View
233272 46568 CVE-2012-5384 http://sourceforge.net/tracker/?func=detail&aid=3488543&group_id=3870&atid=303870  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
29223 JVNDB-2012-004930 Craig Knudsen WebCalendar におけるクロスサイトスクリプティングの脆弱性 Craig Knudsen WebCalendar には、クロスサイトスクリプティングの脆弱性が存在します。 CVE-2012-5384 58622 CVE-2012-5384 46568 4.3 http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004930.html 2012-10-11 2012-10-15 View