webcalendar icon indicating copy to clipboard operation
webcalendar copied to clipboard

Published 20 hours ago verified publisher icon craigk5n

Question about two vulnerabilities in WebCalendar v1.2.7

Open fgeek opened this issue 2 years ago • 1 comments

Hello,

Can you tell me in which version these vulnerabilities has been fixed, thanks?

http://hyp3rlinx.altervista.org/advisories/WEBCALENDAR-V1.2.7-PHP-CODE-INJECTION.txt http://hyp3rlinx.altervista.org/advisories/WEBCALENDAR-V1.2.7-CSRF-PROTECTION-BYPASS.txt

I am adding detection for these to https://github.com/fgeek/pyfiscan security scanner (works locally).

fgeek avatar Jul 29 '23 08:07 fgeek

The second one is fixed as of v1.9.8. Not sure on the first one.

craigk5n avatar Sep 13 '23 21:09 craigk5n