Cross-site scripting (XSS) vulnerability in phpgwapi/js/jscalendar/test.php in EGroupware Enterprise Line (EPL) before 11.1.20110804-1 and EGroupware Community Edition before 1.8.001.20110805 allows remote attackers to inject arbitrary web script or HTML via the lang parameter.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: redhat
Published: 2012-08-31T22:00:00Z
Updated: 2024-09-16T17:47:58.267Z
Reserved: 2011-12-23T00:00:00Z
Link: CVE-2011-4950
Vulnrichment
No data.
NVD
Status : Modified
Published: 2012-08-31T22:55:01.450
Modified: 2024-11-21T01:33:21.167
Link: CVE-2011-4950
Redhat
No data.