CVE-2014-9905 (retired)

Priority
Description
Multiple cross-site scripting (XSS) vulnerabilities in the Web Calendar in
SOGo before 2.2.0 allow remote attackers to inject arbitrary web script or
HTML via the (1) title of an appointment or (2) contact fields.
Notes
 tyhicks> upstream bug tracker says this is fixed in 2.2.0
More Information

Updated: 2019-04-26 14:34:08 UTC (commit 30899e40836d26e1bb5f0b072d31fd87b6cf3bd4)