This report is hidden because a patch hasn't been released yet.

Exposure of Sensitive Information to an Unauthorized Actor in kcal-app/kcal


Reported on

Sep 27th 2021

We have contacted a member of the kcal-app/kcal team and are waiting to hear back a month ago
Christopher Charbonneau Wells validated this vulnerability a month ago
0xdhinu has been awarded the disclosure bounty
The fix bounty is now up for grabs