Submission #812177: cal.com <= v4.9.4 Exposure of Sensitive Information (CWE-200)

Title: cal.com <= v4.9.4 Exposure of Sensitive Information (CWE-200)
Description:

# Technical Details

An information exposure vulnerability exists in the way cal.com builds the props for its public booking page in `getServerSideProps` in `apps/web/modules/bookings/views/bookings-single-view.getServerSideProps.tsx`. When a host has enabled the `hideOrganizerEmail` privacy option, the organizer's e-mail address is masked in the organizer fields of the page props, but the same setting is not applied to the field that records who cancelled the booking. After a cancellation, the host's address is copied into `bookingInfo.cancelledBy` and served unmasked to anyone who opens the public booking link, exposing PII the host explicitly asked the platform to hide.

# Vulnerable Code

File: apps/web/modules/bookings/views/bookings-single-view.getServerSideProps.tsx

Method: getServerSideProps

Why: When a booking is cancelled by its organizer, the backend records the organizer's e-mail address as the identity of the cancelling party. `getServerSideProps` then passes `bookingInfo.cancelledBy` into the page props as-is, without consulting `hideOrganizerEmail`, so the masking applied to the organizer fields is bypassed by a second field that carries the same value.

# Reproduction

1. As a host, enable the organizer e-mail privacy option so that `hideOrganizerEmail = true` for the event.
2. Create a booking for that event and cancel it from the host side (intentionally or not; any host-initiated cancellation triggers the same code path).
3. As an unauthenticated user, open the public booking link for the cancelled booking and inspect the page-props JSON that Next.js serializes from `getServerSideProps` (for example the `__NEXT_DATA__` script embedded in the HTML, or the matching `/_next/data/` JSON response).
4. The payload contains the host's e-mail address in `cancelledBy`, even though the organizer e-mail is hidden elsewhere in the same payload.

# Impact

- Disclosure of host PII that defeats the platform's organizer-anonymity feature, which is aimed precisely at users who need to keep their address private.
- The leaked addresses enable targeted spear phishing, extortion and account enumeration against hosts who believed their e-mail was protected.
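The following TypeScript is an added example and is not cal.com's code; it uses assumed type and field names to show the shape of the bug described above (the organizer field honours the flag while `cancelledBy` and `rescheduledBy`, the second field named in the VulDB entry, do not) beside a hardened variant that routes every e-mail-bearing field through one masking rule, plus a regression check that scans the serialized props the way a visitor reading the page data would.

```typescript
// Added example (not cal.com's code): how the organizer's address can leak
// through a secondary field, and one way to enforce hideOrganizerEmail on
// every field that may carry it. Type and field names are assumptions.

type Booking = {
  uid: string;
  title: string;
  status: "ACCEPTED" | "CANCELLED";
  organizer: { name: string; email: string };
  cancelledBy?: string | null;   // e-mail of whoever cancelled the booking
  rescheduledBy?: string | null; // e-mail of whoever rescheduled it
};

type BookingPageProps = {
  uid: string;
  title: string;
  status: string;
  organizerName: string;
  organizerEmail: string | null;
  cancelledBy: string | null;
  rescheduledBy: string | null;
};

// Shape of the bug: the organizer field honours the flag, but the same
// address is copied verbatim into cancelledBy / rescheduledBy.
function buildPropsVulnerable(b: Booking, hideOrganizerEmail: boolean): BookingPageProps {
  return {
    uid: b.uid,
    title: b.title,
    status: b.status,
    organizerName: b.organizer.name,
    organizerEmail: hideOrganizerEmail ? null : b.organizer.email,
    cancelledBy: b.cancelledBy ?? null,
    rescheduledBy: b.rescheduledBy ?? null,
  };
}

// Returns null when the value is the organizer's address and the host asked
// for it to be hidden; other parties (attendees) stay visible.
function maskIfOrganizer(
  value: string | null | undefined,
  organizerEmail: string,
  hide: boolean,
): string | null {
  if (!value) return null;
  if (hide && value.trim().toLowerCase() === organizerEmail.trim().toLowerCase()) return null;
  return value;
}

// Hardened variant: every field that can hold an e-mail address goes through
// the same masking rule, so the privacy flag cannot be bypassed by a field
// the masking code did not anticipate.
function buildPropsHardened(b: Booking, hideOrganizerEmail: boolean): BookingPageProps {
  const mask = (v: string | null | undefined) =>
    maskIfOrganizer(v, b.organizer.email, hideOrganizerEmail);
  return {
    uid: b.uid,
    title: b.title,
    status: b.status,
    organizerName: b.organizer.name,
    organizerEmail: mask(b.organizer.email),
    cancelledBy: mask(b.cancelledBy),
    rescheduledBy: mask(b.rescheduledBy),
  };
}

// Regression check: serialize the props exactly as they would reach the
// browser and look for the organizer's address anywhere in the payload.
function propsLeakOrganizerEmail(props: BookingPageProps, organizerEmail: string): boolean {
  return JSON.stringify(props).toLowerCase().includes(organizerEmail.toLowerCase());
}

// Constructed sample: a booking the host cancelled after enabling the privacy option.
const sampleBooking: Booking = {
  uid: "abc123",
  title: "30 min meeting",
  status: "CANCELLED",
  organizer: { name: "Host", email: "host@example.com" },
  cancelledBy: "host@example.com",
  rescheduledBy: null,
};

const leaky = buildPropsVulnerable(sampleBooking, true);
const fixed = buildPropsHardened(sampleBooking, true);
console.log("vulnerable props leak organizer e-mail:", propsLeakOrganizerEmail(leaky, "host@example.com")); // true
console.log("hardened props leak organizer e-mail:", propsLeakOrganizerEmail(fixed, "host@example.com"));   // false
```

The serialization check is the part worth keeping as a test: it does not care which field the address ends up in, so a future field that copies the organizer's e-mail fails the test the same way `cancelledBy` does here. If the UI needs to say that the organizer cancelled, carry a boolean such as "cancelled by organizer" in the props rather than the address itself.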
Source: https://gist.github.com/YLChen-007/b59c44d1550c4b0f373ca4eb1c150994
User: Eric-z (UID 95890)
Submitted: 24/04/2026 01:46 PM (1 month ago)
Moderated: 23/05/2026 11:12 AM (29 days later)
Status: Accepted
VulDB entry: 365312 [calcom cal.diy up to 4.9.4 Generic React API bookings-single-view.getServerSideProps.tsx getServerSideProps cancelledBy/rescheduledBy information disclosure]
Points: 20
