Vulnerable Version: 3.5.2 (prior versions also may be affected) Bug: Html_Injection (Second order Cross_Site_Scripting) Exploitation: Remote with browser
Html_Injection : The software does not properly filter HTML tags in the title of events before being passed to user in 'calendar.php'&'reminder....
Html_Injection : The software does not properly filter HTML tags in the title of events before being passed to user in 'calendar.php'&'reminder....
[ more ]