Lucene search

CVE-2023-3289 A BOLA vulnerability in POST /services in EasyAppointments < 1.5.0

🗓️ 09 Jul 2024 10:13:24Reported by palo_altoType

A BOLA vulnerability in EasyAppointments allows low privileged user to create unauthorized service for any user, resulting in data manipulatio

5 of 5AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 6
Vulnrichment	CVE-2023-3289 A BOLA vulnerability in POST /services in EasyAppointments < 1.5.0	9 Jul 202410:24	–	vulnrichment
Veracode	Authorization Bypass	12 Jul 202404:22	–	veracode
NVD	CVE-2023-3289	9 Jul 202411:15	–	nvd
OSV	CVE-2023-3289	9 Jul 202411:15	–	osv
CVE	CVE-2023-3289	9 Jul 202411:15	–	cve
Palo Alto Networks	PAN-OS: OS Command Injection Vulnerability in the Web Interface	13 Dec 202317:00	–	paloalto

[
  {
    "collectionURL": "https://github.com/alextselegidis/easyappointments",
    "defaultStatus": "unaffected",
    "packageName": "alextselegidis/easyappointments",
    "product": "easyappointments",
    "versions": [
      {
        "lessThan": "1.5.0",
        "status": "affected",
        "version": "*",
        "versionType": "git"
      }
    ]
  }
]

Source	Link
github	www.github.com/alextselegidis/easyappointments

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

09 Jul 2024 10:24Current

CVSS37.7

EPSS0.00094

CWE-639