Secunia Security Advisory – Russ McRee has discovered some vulnerabilities in WebCalendar, which can be exploited by malicious people to conduct cross-site scripting and request forgery attacks.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/85900/sa38222.txt
Source: https://packetstormsecurity.com/files/85900/Secunia-Security-Advisory-38222.html