Every CVE whose affected-product data names Luxsoft Luxcal, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2021-45914 — CVSS 9.8 (critical): In LuxSoft LuxCal Web Calendar before 5.2.0, an unauthenticated attacker can manipulate a POST request. This allows the attacker's session…
CVE-2021-45915 — CVSS 9.8 (critical): In LuxSoft LuxCal Web Calendar before 5.2.0, an unauthenticated attacker can manipulate a cookie value. This allows the attacker's session…