2009-01-05 16:00:00
mitre
PUBLISHED
PHP iCalendar 2.24 and earlier allows remote attackers to bypass authentication by setting the phpicalendar and phpicalendar_login cookies to 1.