a XSS is found in piCal-0.91h
You'd better to select just ONE of these actions
(1) update piCal into the latest version >= 0.92
- recommend for site owners using piCal as is
(2) overwrite just piCal/index.php in the latest archive
- recommend for site owners using piCal with some hacks
(3) patch piCal/index.php manually
- recommend for experts. it's an easy patch
line 154 in index.php
$xoopsTpl->assign( 'print_link' , "$mod_url/print.php?event_id={$_GET['event_id']}&action=View" ) ;
$xoopsTpl->assign( 'print_link' , "$mod_url/print.php?event_id=".intval($_GET['event_id'])."&action=View" ) ;