FreeBSD : phpicalendar -- XSS vulnerability (12f9d9e9-9e1e-11da-b410-000e0c2e438a)
Medium Nessus Plugin ID 21389
SynopsisThe remote FreeBSD host is missing a security-related update.
DescriptionFrancesco Ongaro reports that phpicalendar is vulnerable for a cross site scripting attack. The vulnerability is caused by improper validation of the index.php file allowing attackers to include an arbitrary file with the .php extension
SolutionUpdate the affected package.