CVE-2023-1647

Improper Access Control in GitHub repository calcom/cal.com prior to 2.7.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
8.8 HIGH
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
@huntrdevCNA
8.8 HIGH
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVEADP
---
---
CISA-ADPADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 22%
VendorProductVersion
calcal.com
𝑥
< 2.7.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://github.com/sbs20/scanservjs/pull/606/commits/d51fd52c1569813990b8f74e64ae6979c665dca1
https://huntr.dev/bounties/d6de3d6e-9551-47d1-b28c-7e965c1b82b6
https://github.com/sbs20/scanservjs/pull/606/commits/d51fd52c1569813990b8f74e64ae6979c665dca1
https://huntr.dev/bounties/d6de3d6e-9551-47d1-b28c-7e965c1b82b6