PT-2025-31764 · Unknown · Mocca Calendar

Chiuchiu Sorin

·

Published

2025-08-03

·

Updated

2025-08-03

·

CVE-2025-52131

Report an issue
CVSS v3.1
6.4
VectorAV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions:

Mocca Calendar versions prior to 2.15

Description:

The Mocca Calendar application allows for cross-site scripting (XSS) via the background or text color field.

Recommendations:

Update Mocca Calendar to version 2.15 or later.

Fix

XSS

Weakness Enumeration

CWE-79

Related Identifiers

CVE-2025-52131
GHSA-JVQ4-J2QW-Q7X2

Affected Products

Mocca Calendar