CVE-2022-4455

A vulnerability, which was classified as problematic, was found in sproctor php-calendar. This affects an unknown part of the file index.php. The manipulation of the argument $_SERVER['PHP_SELF'] leads to cross site scripting. It is possible to initiate the attack remotely. The name of the patch is a2941109b42201c19733127ced763e270a357809. It is recommended to apply a patch to fix this issue. The identifier VDB-215445 was assigned to this vulnerability.
Configurations

Configuration 1 (hide)

cpe:2.3:a:php-calendar:php-calendar:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2022-12-13 18:15

Updated : 2024-02-28 19:51


NVD link : CVE-2022-4455

Mitre link : CVE-2022-4455

CVE.ORG link : CVE-2022-4455


JSON object : View

Products Affected

php-calendar

  • php-calendar
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CWE-707

Improper Neutralization