- Home
- CVEs with nessus.description==The version of Sun Java System Calendar Server running on the remote host fails to sanitize input to the 'Fmt-out' parameter of the 'login.wcap' script before using it to generate dynamic HTML output.
An attacker may be able to leverage this to inject arbitrary HTML and script code into a user's browser to be executed within the security context of the affected site.
Note that this install is also likely to be affected by other vulnerabilities, although Nessus has not checked for them.
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top