Search criteria Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.

2 vulnerabilities found for calendarinho by cainor

CVE-2023-49281 (GCVE-0-2023-49281)

Vulnerability from nvd – Published: 2023-12-01 22:10 – Updated: 2024-08-02 21:53
VLAI?
Title
Open Redirect in Login Function of Calendarinho
Summary
Calendarinho is an open source calendaring application to manage large teams of consultants. An Open Redirect issue occurs when a web application redirects users to external URLs without proper validation. This can lead to phishing attacks, where users are tricked into visiting malicious sites, potentially leading to information theft and reputational damage to the website used for redirection. The problem is has been patched in commit `15b2393`. Users are advised to update to a commit after `15b2393`. There are no known workarounds for this vulnerability.
Severity ?
4.7 (Medium)
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N
CWE
  • CWE-601 - URL Redirection to Untrusted Site ('Open Redirect')
Assigner
References
Impacted products
Vendor Product Version
Cainor Calendarinho Affected: < 15b2393
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T21:53:45.403Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "https://github.com/Cainor/Calendarinho/security/advisories/GHSA-g2gp-x888-6xrj",
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/Cainor/Calendarinho/security/advisories/GHSA-g2gp-x888-6xrj"
          },
          {
            "name": "https://github.com/Cainor/Calendarinho/commit/15b2393efd69101727d27a4e710880ce46e84d70",
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/Cainor/Calendarinho/commit/15b2393efd69101727d27a4e710880ce46e84d70"
          },
          {
            "name": "https://github.com/Cainor/Calendarinho/commit/9a0174bef939565a76cbe7762996ecddca9ba55e",
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/Cainor/Calendarinho/commit/9a0174bef939565a76cbe7762996ecddca9ba55e"
          },
          {
            "name": "https://github.com/Cainor/Calendarinho/commit/c77defeb0103c1f7a4709799b8751aaeb0d09eed",
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/Cainor/Calendarinho/commit/c77defeb0103c1f7a4709799b8751aaeb0d09eed"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Calendarinho",
          "vendor": "Cainor",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 15b2393"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Calendarinho is an open source calendaring application to manage large teams of consultants. An Open Redirect issue occurs when a web application redirects users to external URLs without proper validation. This can lead to phishing attacks, where users are tricked into visiting malicious sites, potentially leading to information theft and reputational damage to the website used for redirection. The problem is has been patched in commit `15b2393`. Users are advised to update to a commit after `15b2393`. There are no known workarounds for this vulnerability. "
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-601",
              "description": "CWE-601: URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-12-01T22:10:05.927Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/Cainor/Calendarinho/security/advisories/GHSA-g2gp-x888-6xrj",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/Cainor/Calendarinho/security/advisories/GHSA-g2gp-x888-6xrj"
        },
        {
          "name": "https://github.com/Cainor/Calendarinho/commit/15b2393efd69101727d27a4e710880ce46e84d70",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/Cainor/Calendarinho/commit/15b2393efd69101727d27a4e710880ce46e84d70"
        },
        {
          "name": "https://github.com/Cainor/Calendarinho/commit/9a0174bef939565a76cbe7762996ecddca9ba55e",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/Cainor/Calendarinho/commit/9a0174bef939565a76cbe7762996ecddca9ba55e"
        },
        {
          "name": "https://github.com/Cainor/Calendarinho/commit/c77defeb0103c1f7a4709799b8751aaeb0d09eed",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/Cainor/Calendarinho/commit/c77defeb0103c1f7a4709799b8751aaeb0d09eed"
        }
      ],
      "source": {
        "advisory": "GHSA-g2gp-x888-6xrj",
        "discovery": "UNKNOWN"
      },
      "title": "Open Redirect in Login Function of Calendarinho"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2023-49281",
    "datePublished": "2023-12-01T22:10:05.927Z",
    "dateReserved": "2023-11-24T16:45:24.312Z",
    "dateUpdated": "2024-08-02T21:53:45.403Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-49281 (GCVE-0-2023-49281)

Vulnerability from cvelistv5 – Published: 2023-12-01 22:10 – Updated: 2024-08-02 21:53
VLAI?
Title
Open Redirect in Login Function of Calendarinho
Summary
Calendarinho is an open source calendaring application to manage large teams of consultants. An Open Redirect issue occurs when a web application redirects users to external URLs without proper validation. This can lead to phishing attacks, where users are tricked into visiting malicious sites, potentially leading to information theft and reputational damage to the website used for redirection. The problem is has been patched in commit `15b2393`. Users are advised to update to a commit after `15b2393`. There are no known workarounds for this vulnerability.
Severity ?
4.7 (Medium)
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N
CWE
  • CWE-601 - URL Redirection to Untrusted Site ('Open Redirect')
Assigner
References
Impacted products
Vendor Product Version
Cainor Calendarinho Affected: < 15b2393
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T21:53:45.403Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "https://github.com/Cainor/Calendarinho/security/advisories/GHSA-g2gp-x888-6xrj",
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/Cainor/Calendarinho/security/advisories/GHSA-g2gp-x888-6xrj"
          },
          {
            "name": "https://github.com/Cainor/Calendarinho/commit/15b2393efd69101727d27a4e710880ce46e84d70",
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/Cainor/Calendarinho/commit/15b2393efd69101727d27a4e710880ce46e84d70"
          },
          {
            "name": "https://github.com/Cainor/Calendarinho/commit/9a0174bef939565a76cbe7762996ecddca9ba55e",
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/Cainor/Calendarinho/commit/9a0174bef939565a76cbe7762996ecddca9ba55e"
          },
          {
            "name": "https://github.com/Cainor/Calendarinho/commit/c77defeb0103c1f7a4709799b8751aaeb0d09eed",
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/Cainor/Calendarinho/commit/c77defeb0103c1f7a4709799b8751aaeb0d09eed"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Calendarinho",
          "vendor": "Cainor",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 15b2393"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Calendarinho is an open source calendaring application to manage large teams of consultants. An Open Redirect issue occurs when a web application redirects users to external URLs without proper validation. This can lead to phishing attacks, where users are tricked into visiting malicious sites, potentially leading to information theft and reputational damage to the website used for redirection. The problem is has been patched in commit `15b2393`. Users are advised to update to a commit after `15b2393`. There are no known workarounds for this vulnerability. "
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-601",
              "description": "CWE-601: URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-12-01T22:10:05.927Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/Cainor/Calendarinho/security/advisories/GHSA-g2gp-x888-6xrj",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/Cainor/Calendarinho/security/advisories/GHSA-g2gp-x888-6xrj"
        },
        {
          "name": "https://github.com/Cainor/Calendarinho/commit/15b2393efd69101727d27a4e710880ce46e84d70",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/Cainor/Calendarinho/commit/15b2393efd69101727d27a4e710880ce46e84d70"
        },
        {
          "name": "https://github.com/Cainor/Calendarinho/commit/9a0174bef939565a76cbe7762996ecddca9ba55e",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/Cainor/Calendarinho/commit/9a0174bef939565a76cbe7762996ecddca9ba55e"
        },
        {
          "name": "https://github.com/Cainor/Calendarinho/commit/c77defeb0103c1f7a4709799b8751aaeb0d09eed",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/Cainor/Calendarinho/commit/c77defeb0103c1f7a4709799b8751aaeb0d09eed"
        }
      ],
      "source": {
        "advisory": "GHSA-g2gp-x888-6xrj",
        "discovery": "UNKNOWN"
      },
      "title": "Open Redirect in Login Function of Calendarinho"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2023-49281",
    "datePublished": "2023-12-01T22:10:05.927Z",
    "dateReserved": "2023-11-24T16:45:24.312Z",
    "dateUpdated": "2024-08-02T21:53:45.403Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}