CVE-2018-8927

Published: 2018-06-14T14:29Z

Last Modified: 2024-11-21T04:14Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

Improper authorization vulnerability in SYNO.Cal.Event in Calendar before 2.1.2-0511 allows remote authenticated users to create arbitrary events via the (1) cal_id or (2) original_cal_id parameter. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt