VYPR
High severity7.5NVD Advisory· Published Apr 15, 2020· Updated Jun 17, 2026

CVE-2020-11728

CVE-2020-11728

Description

An issue was discovered in DAViCal Andrew's Web Libraries (AWL) through 0.60. Session management does not use a sufficiently hard-to-guess session key. Anyone who can guess the microsecond time (and the incrementing session_id) can impersonate a session.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • DAViCal/Andrew's Web Libraries (AWL)description
  • DAViCal/DAViCalllm-fuzzy
    Range: <=0.60

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.