search

LJPc-solutions / freescout-calendar-module

A calendar module for Freescout
20 stars 7 forks source link

calendar module is not authenticated #32

Closed herroworrd closed 1 year ago

herroworrd commented 1 year ago

Maybe this is by design but the /calendar endpoint is not authenticated. Anyone can view, add and edit calendar entries with just the URL of a freescout instance running this module.

Lars- commented 1 year ago

Thank you for discovering this! It was not by design. I fixed it in release 1.3.14.