← back
CVE-2021-27330

CVE-2021-27330

18Vexday Risk Score

Patch soon. It has a working public exploit.

ssvc Attendepss 6.2%
exploitation probability
6.2%top 7% of all CVEs
observed exploitation
nono source reports it
Triconsole Datepicker Calendar <3.77 is affected by cross-site scripting (XSS) in calendar_form.php. Attackers can read authentication cookies that are still active, which can be used to perform further attacks such as reading browser history, directory listings, and file contents.
Affected products
n/a · n/a