Aspplayground.Net · Aspplayground.Net Forum Advanced Edition · CVE-2006-4206
**Name of the Vulnerable Software and Affected Versions**
ASPPlayground.NET Forum Advanced Edition versions prior to October 15, 2006
**Description**
A cross-site scripting issue allows remote attackers to inject arbitrary web script or HTML via the `calendarID` parameter in the calendar.asp file.
**Recommendations**
For versions prior to October 15, 2006, avoid using the `calendarID` parameter in the calendar.asp file until the issue is resolved.