source: https://www.securityfocus.com/bid/12082/info

PhpGroupWare is reported to be susceptible to a HTML injection vulnerability. This issue exists because the application fails to properly sanitize user-supplied input.

The attacker-supplied HTML and script code would be able to access properties of the site, potentially allowing for theft of cookie-based authentication credentials. An attacker could also exploit this issue to control how the site is rendered to the user. 

http://[target]/[phpgroupware_directory]/index.php?menuaction=calendar.uicalendar.planner
POST DATA: date="><script>alert(document.cookie)</script>