Description
Cross-site scripting (XSS) vulnerability in Clever Copy 2.0 and 2.0a allows remote attackers to inject arbitrary web script or HTML via the yr parameter to calendar.php.
Exploits (1)
References (1)
Core 1
Core References
Exploit, Vendor Advisory x_refsource_misc
http://lostmon.blogspot.com/2005/07/clever-copy-calendarphp-yr-variable.html
Scores
EPSS
0.0034
EPSS Percentile
56.5%
Details
Status
published
Products (2)
clever_copy/clever_copy
2.0
clever_copy/clever_copy
2.0a
Published
Jul 19, 2005
Tracked Since
Feb 18, 2026