Hello, we are having a security issue, if I copy the calendar (caldav) url to add in lightning all I need is to change the name to someone elses and i can see their calendar.
How can I prevent this from happening? Example: using this url http://calendar.teracode.com/SOGo/dav/USERNAME/Calendar/personal as I'm already validated I can use what ever username from the company I want. What I need, of course, is to be able to onle see my own calendar. Thanks. -- users@sogo.nu https://inverse.ca/sogo/lists