CVE-2023-3700
Published 2023-07-17
CVE-2023-3700: Authorization Bypass Through User-Controlled Key in GitHub repository alextselegidis/easyappointments prior to 1.5.0.
Priority P4 · 20 · medium · 4.3 CVSS 3.1
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
EPSS: 0.37% (29.2th percentile)
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| alextselegidis | alextselegidis_easyappointments | >= unspecified < 1.5.0 | 1.5.0 |
| alextselegidis | easyappointments | >= 0 < 1.5.0 | 1.5.0 |
| easyappointments | easyappointments | < 1.5.0 | 1.5.0 |
OSV
Easy!Appointments Improper Access Control vulnerability
osv·2023-07-17
CVE-2023-3700 [MEDIUM] Easy!Appointments Improper Access Control vulnerability
Easy!Appointments 1.4.3 and prior has an Improper Access Control vulnerability. This issue is patched at commit b37b46019553089db4f22eb2fe998bca84b2cb64 and anticipated to be part of version 1.5.0.
GHSA
Easy!Appointments Improper Access Control vulnerability
ghsa·2023-07-17
CVE-2023-3700 [MEDIUM] CWE-284 Easy!Appointments Improper Access Control vulnerability
Easy!Appointments 1.4.3 and prior has an Improper Access Control vulnerability. This issue is patched at commit b37b46019553089db4f22eb2fe998bca84b2cb64 and anticipated to be part of version 1.5.0.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
https://github.com/alextselegidis/easyappointments/commit/b37b46019553089db4f22eb2fe998bca84b2cb64
https://huntr.dev/bounties/e8d530db-a6a7-4f79-a95d-b77654cc04f8
2023-07-17
Published