CVE-2012-6716

Name of the Vulnerable Software and Affected Versions events-manager plugin versions prior to 5.1.7

Description The issue concerns a cross-site scripting (XSS) vulnerability via JSON call links. This type of vulnerability allows an attacker to inject malicious scripts into a website, potentially leading to unauthorized access or control.

Recommendations For versions prior to 5.1.7, update to version 5.1.7 or later to resolve the issue. As a temporary workaround, consider restricting access to JSON call links until the update is applied.