EUVD-2004-1765

Malware in sbrugna...

Open-Xchange: Critical : View/Edit access to private appointments of calendar folder by read only user (Vertical privilege escalation)

Hi Team, Description : Read only user of calendar folder shouldn't be able access any private appointments. I have found a move calendar folder request which is working for read only user. Once Attacker moves the appointment to his folder , then he can Access private appointments. Vulnerable HTTP...

CVE-2004-1771

Scalable OGo SOGo 1.0 allows remote authenticated users to bypass intended permissions and view private appointments of other users...

CVE-2004-1771

CVE-2004-1771 affects Scalable OGo (SOGo) 1.0, where remote authenticated users can bypass intended permissions and view private appointments of other users. The provided sources confirm the affected product and the permission bypass impact, but do not specify the root cause details, vulnerable c...

CVE-2004-1771

Scalable OGo SOGo 1.0 allows remote authenticated users to bypass intended permissions and view private appointments of other users...