QwikSec

Security Database

CVE

CWE

Training

CVE-2021-27330

Published: Feb 25, 2021

Modified: Aug 3, 2024

PUBLISHED

Description

Triconsole Datepicker Calendar <3.77 is affected by cross-site scripting (XSS) in calendar_form.php. Attackers can read authentication cookies that are still active, which can be used to perform further attacks such as reading browser history, directory listings, and file contents.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://www.triconsole.com/

x_refsource_MISC

http://www.triconsole.com/php/calendar_datepicker.php

x_refsource_MISC

https://www.exploit-db.com/exploits/49597

x_refsource_MISC

http://packetstormsecurity.com/files/161570/Triconsole-3.75-Cross-Site-Scripting.html

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.