A vulnerability has been found in Discourse discourse-calendar and classified as problematic. This vulnerability affects unknown code of the component Private Event Handler. The manipulation leads to incorrect authorization.
This vulnerability was named CVE-2024-26145. The attack can be initiated remotely. There is no exploit available.
It is recommended to apply a patch to fix this issue.