← volver
CVE-2021-45914

CVE-2021-45914

EPSS 1.5%
In LuxSoft LuxCal Web Calendar before 5.2.0, an unauthenticated attacker can manipulate a POST request. This allows the attacker's session to be authenticated as any registered LuxCal user, including the site administrator.
Productos afectados
n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://github.com/h1pmnhhttps://h1pmnh.github.io/post/cve-luxcal-2021/https://twitter.com/h1pmnhhttps://www.luxsoft.eu/index.php?pge=dload