Radicale prior to 1.1 allows remote authenticated users to bypass owner_write and owner_only limitations via regex metacharacters in the user name, as demonstrated by ".*".
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
radicale radicale |