3 matches found
CVE-2023-3288 A BOLA vulnerability in POST /providers in EasyAppointments < 1.5.0
A BOLA vulnerability in POST /providers allows a low privileged user to create a privileged user provider in the system. This results in privilege escalation...
CVE-2023-3288
CVE-2023-3288 affects Easy!Appointments, where a BOLA flaw on POST /providers allows a low-privileged user to create a privileged provider, enabling privilege escalation. Multiple connected sources (including CVELIST entry Easy!Appointments
CVE-2023-3288 A BOLA vulnerability in POST /providers in EasyAppointments < 1.5.0
A BOLA vulnerability in POST /providers allows a low privileged user to create a privileged user provider in the system. This results in privilege escalation...