Vulnerabilities (CVE)

Filtered by vendor Codepeople Subscribe
Filtered by product Com Multicalendar
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2013-5953 2 Codepeople, Joomla 2 Com Multicalendar, Joomla\! 2024-11-21 4.3 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in tmpl/layout_editevent.php in the Multi Calendar (com_multicalendar) component 4.0.2, and possibly 4.8.5 and earlier, for Joomla! allow remote attackers to inject arbitrary web script or HTML via the (1) calid or (2) paletteDefault parameter in an editevent action to index.php.