2006-01-12 11:00:00
mitre
PUBLISHED
login.php in ACal Calendar Project 2.2.5 allows remote attackers to bypass authentication by setting the ACalAuthenticate cookie variable to "inside".