Browse all 4 CVE security advisories affecting calcom. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Calcom provides scheduling and booking solutions primarily used for appointment management across various industries. Historically, vulnerabilities have included stored cross-site scripting (XSS) and remote code execution (RCE) flaws, often stemming from improper input validation and insecure direct object references. The platform has faced security incidents where unauthorized access could lead to data exposure or system compromise. Security characteristics reveal a pattern of vulnerabilities affecting both frontend and backend components, with privilege escalation risks identified in administrative interfaces. While no major public breaches have been widely documented, the consistent presence of multiple CVEs indicates ongoing security challenges that require robust patch management and secure coding practices.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2023-1647 | Improper Access Control in calcom/cal.com — calcom/cal.comCWE-284 | 8.8 | High | 2023-03-27 |
This page lists every published CVE security advisory associated with calcom. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.