1.2.7

DATE	CVE	VULNERABILITY TITLE	RISK
2017-08-29	CVE-2017-10841	Path Traversal vulnerability in Webcalendar Project Webcalendar 1.2.7 Directory traversal vulnerability in WebCalendar 1.2.7 and earlier allows authenticated attackers to read arbitrary files via unspecified vectors. network low complexity webcalendar-project CWE-22	4.9
2017-08-29	CVE-2017-10840	Cross-site Scripting vulnerability in Webcalendar Project Webcalendar 1.2.7 Cross-site scripting vulnerability in WebCalendar 1.2.7 and earlier allows an attacker to inject arbitrary web script or HTML via unspecified vectors. network low complexity webcalendar-project CWE-79	6.1