CVE-2004-1529

Name of the Vulnerable Software and Affected Versions Event Calendar module version 2.13 for PHP-Nuke

Description The issue is related to a cross-site scripting (XSS) vulnerability. This vulnerability allows remote attackers to execute arbitrary web script via specific parameters in a Preview operation or event comments. The vulnerable parameters include type, day, month, and year.

Recommendations For Event Calendar module version 2.13, consider disabling the Preview operation and restricting access to event comments until a fix is available. Avoid using the parameters type, day, month, and year in the affected module to minimize the risk of exploitation.