CVE-2021-45915
LuxSoft LuxCal Web Calendar before 5.2.0 is affected. An unauthenticated attacker can manipulate a cookie value to impersonate any registered user, including the administrator. Root cause: cookie-based session fixation/authentication bypass. Affected version: prior to 5.2.0. Remediation: upgrade ...