38 matches found
CVE-2025-31604
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Cal.com Cal.com cal-com allows Stored XSS. This issue affects Cal.com: from n/a through <= 1.0.0...
WordPress Cal.com plugin <= 1.0.0 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting (XSS) vulnerability discovered by Peter Thaleikis in WordPress Plugin Cal.com versions <= 1.0.0...
CVE-2025-31604
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Cal.com Cal.com cal-com allows Stored XSS. This issue affects Cal.com: from n/a through <= 1.0.0...
CVE-2025-31604 WordPress Cal.com plugin <= 1.0.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Cal.com Cal.com cal-com allows Stored XSS. This issue affects Cal.com: from n/a through <= 1.0.0...
CVE-2025-31604
CVE-2025-31604 is a stored XSS in Cal.com (improper neutralization of script-related HTML tags) affecting Cal.com versions up to 1.0.0 (from n/a through 1.0.0). The CVSS 3.1 vector (AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L) yields a Medium impact with user interaction required. Connected sources confi...
CVE-2025-31604 WordPress Cal.com plugin <= 1.0.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Cal.com Cal.com allows Stored XSS. This issue affects Cal.com: from n/a through 1.0.0...
WordPress plugin Cal.com security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security...
CVE-2023-37919
Cal.com is open-source scheduling software. A vulnerability allows active sessions associated with an account to remain active even after enabling 2FA. When activating 2FA on a Cal.com account that is logged in on two or more devices, the account stays logged in on the other devices ...
Design/Logic Flaw
Cal.com is open-source scheduling software. A vulnerability allows active sessions associated with an account to remain active even after enabling 2FA. When activating 2FA on a Cal.com account that is logged in on two or more devices, the account stays logged in on the other devices ...
CVE-2023-37919
CVE-2023-37919 affects Cal.com open-source scheduling software. The vulnerability allows active sessions to remain valid after enabling 2FA when a user is logged in on multiple devices, causing the other session(s) to stay authenticated without re-verification. Concrete details across connected d...
CVE-2023-37919 Cal.com not expiring old sessions after enabling 2FA
Cal.com is open-source scheduling software. A vulnerability allows active sessions associated with an account to remain active even after enabling 2FA. When activating 2FA on a Cal.com account that is logged in on two or more devices, the account stays logged in on the other devices ...
CVE-2023-37919 Cal.com not expiring old sessions after enabling 2FA
Cal.com is open-source scheduling software. A vulnerability allows active sessions associated with an account to remain active even after enabling 2FA. When activating 2FA on a Cal.com account that is logged in on two or more devices, the account stays logged in on the other devices ...
Cal.com code issue vulnerability
Cal.com is an open source scheduling software from Cal.com Open Source. A code issue vulnerability exists in Cal.com that stems from old sessions not expiring when 2FA is enabled...
PT-2023-26186 · Cal.Com · Cal.Com
Name of the Vulnerable Software and Affected Versions: Cal.com (affected versions not specified). Description: A vulnerability in Cal.com open-source scheduling software allows active sessions associated with an account to remain active even after enabling 2FA. When 2FA is activated on a Cal.com...
PT-2023-17143 · Unknown · Calcom/Cal.Com
Name of the Vulnerable Software and Affected Versions: calcom/cal.com versions prior to 2.7. Description: The issue is related to improper access control in the GitHub repository calcom/cal.com. Recommendations: For versions prior to 2.7, update to version 2.7 or later to resolve the issue...
CVE-2023-1647
CVE-2023-1647 affects calcom/cal.com versions prior to 2.7, due to Improper Access Control. Public sources (Red Hat, PRION/PT-Security, OSV/NVD) describe high-severity impact on confidentiality, integrity, and availability. Mitigation: upgrade to version 2.7 or later as recommended by PT-Security...
cal.com access control error vulnerability
cal.com is an open source Calendly replacement. A security vulnerability exists in versions of cal.com prior to 2.7 that stems from improper access control...
p-cal.com Cross Site Scripting vulnerability OBB-3220031
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...