CVE

CVE-2021-45914

admin

CVE-2021-45914

In LuxSoft LuxCal Web Calendar before 5.2.0, an unauthenticated attacker can manipulate a POST request. This allows the attacker’s session to be authenticated as any registered LuxCal user, including the site administrator.

Source: CVE-2021-45914

Exit mobile version