CVE-2019-18346

Priority
Description
A CSRF issue was discovered in DAViCal through 1.1.8. If an authenticated
user visits an attacker-controlled webpage, the attacker can send arbitrary
requests in the name of the user to the application. If the attacked user
is an administrator, the attacker could for example add a new admin user.
Notes
Package
Upstream:released (1.1.9.2-1)
Ubuntu 18.04 LTS:needed
Ubuntu 20.04 LTS:not-affected (1.1.9.2-1)
Ubuntu 21.10:not-affected (1.1.9.2-1)
Ubuntu 22.04 LTS:not-affected (1.1.9.2-1)
Ubuntu 14.04 ESM:DNE
Patches:
More Information

Updated: 2022-04-25 00:38:03 UTC (commit ecc1009cb19540b950de59270950018900f37f15)