CVE ID
|
Severity
|
Date Published
|
Description | Versions Affected |
---|---|---|---|---|
CVE-2017-10841 | Medium | Aug 29, 2017 | Directory traversal vulnerability in WebCalendar 1.2.7 and earlier allows authenticated attackers to read arbitrary files via unspecified vectors. |
1.2.7
|
CVE-2017-10840 | Medium | Aug 29, 2017 | Cross-site scripting vulnerability in WebCalendar 1.2.7 and earlier allows an attacker to inject arbitrary web script or HTML via unspecified vectors. |
1.2.7
|