VYPR

Luxcal

by Luxsoft

CVEs (1)

  • CVE-2021-45915CriMay 24, 2022
    risk 0.64cvss 9.8epss 0.01

    In LuxSoft LuxCal Web Calendar before 5.2.0, an unauthenticated attacker can manipulate a cookie value. This allows the attacker's session to be authenticated as any registered LuxCal user, including the site administrator.