XSS Vulnerability in EMS Master Calendar before 8.0.0.201805210 via URL Parameters

XSS Vulnerability in EMS Master Calendar before 8.0.0.201805210 via URL Parameters

CVE-2018-11628 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:N

Data input into EMS Master Calendar before 8.0.0.201805210 via URL parameters is not properly sanitized, allowing malicious attackers to send a crafted URL for XSS.

Learn more about our Web Application Penetration Testing UK.