← voltar
CVE-2021-45914

CVE-2021-45914

EPSS 1.5%
In LuxSoft LuxCal Web Calendar before 5.2.0, an unauthenticated attacker can manipulate a POST request. This allows the attacker's session to be authenticated as any registered LuxCal user, including the site administrator.
Produtos afetados
n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://github.com/h1pmnhhttps://h1pmnh.github.io/post/cve-luxcal-2021/https://twitter.com/h1pmnhhttps://www.luxsoft.eu/index.php?pge=dload