EPSS
Percentile
34.5%
alextselegidis/easyappointments is vulnerable to Improper Access Control. The vulnerability exists due to the lack of validation of appointments inCalendar.php, which allows an attacker to gain access to other user’s appointments.
Calendar.php
github.com/advisories/GHSA-fc4g-f42p-7rhp
github.com/alextselegidis/easyappointments/commit/75b24735767868344193fb2cc56e17ee4b9ac4be
huntr.dev/bounties/3099b8d1-c49c-41b8-a929-73ccded6fc7c/