Vulnerability: CVE-2013-1421 – WebCalendar 1.2.5 & 1.2.6 Category Name Persistent XSS

WebCalendar versions 1.2.5 and 1.2.6 contain a Persistent XSS in the Category Name field. Version 1.2.5 was tested and then compared with 1.2.6 to determine that the vulnerability is in both versions. Please see screen shots below.