Packagist (Composer) package

oro/calendar-bundle

pkg:composer/oro/calendar-bundle

Vulnerabilities (1)

CVE	Sev	CVSS	KEV	Affected versions	Fixed in	Published	Description
CVE-2023-32062		—		>= 4.2.0, <= 4.2.6	—	Nov 27, 2023	OroPlatform is a package that assists system and user calendar management. Back-office users can access information from any system calendar event, bypassing ACL security restrictions due to insufficient security checks. This vulnerability has been patched in version 5.1.1.

CVE-2023-32062Nov 27, 2023
affected >= 4.2.0, <= 4.2.6
OroPlatform is a package that assists system and user calendar management. Back-office users can access information from any system calendar event, bypassing ACL security restrictions due to insufficient security checks. This vulnerability has been patched in version 5.1.1.