Jalaj

**Name of the Vulnerable Software and Affected Versions** sproctor php-calendar (affected versions not specified) **Description** A problematic vulnerability was found in sproctor php-calendar, affecting an unknown part of the file index.php. The manipulation of the argument `$ SERVER['PHP SELF']` leads to cross site scripting. It is possible to initiate the attack remotely. **Recommendations** To fix this issue, it is recommended to apply a patch with the name a2941109b42201c19733127ced763e270a357809. As a temporary workaround, consider restricting access to the `index.php` file until the patch is applied. Additionally, avoid using the `$ SERVER['PHP SELF']` argument in the affected file until the issue is resolved.