2017-08-31 22:00:00
mitre
PUBLISHED
Soplanning 1.32 and earlier generates static links for sharing ICAL calendars with embedded login information, which allows remote attackers to obtain a calendar owners password via a brute-force attack on the embedded password hash.