2022-05-24 14:32:44
mitre
PUBLISHED
In LuxSoft LuxCal Web Calendar before 5.2.0, an unauthenticated attacker can manipulate a cookie value. This allows the attackers session to be authenticated as any registered LuxCal user, including the site administrator.