Drupal · Drupal Bookable Calendar · CVE-2025-48916
**Name of the Vulnerable Software and Affected Versions**
Drupal Bookable Calendar versions 0.0.0 through 2.2.12
**Description**
The issue is related to a Missing Authorization vulnerability in Drupal Bookable Calendar, which allows Forceful Browsing.
**Recommendations**
For versions 0.0.0 through 2.2.12, update to version 2.2.13 or later to resolve the issue.