CVE-2023-3700

Authorization Bypass Through User-Controlled Key in GitHub repository alextselegidis/easyappointments prior to 1.5.0.
Configurations

Configuration 1 (hide)

cpe:2.3:a:easyappointments:easyappointments:*:*:*:*:*:*:*:*

History

21 Nov 2024, 08:17

Type Values Removed Values Added
CVSS v2 : unknown
v3 : 4.3
v2 : unknown
v3 : 6.3
References () https://github.com/alextselegidis/easyappointments/commit/b37b46019553089db4f22eb2fe998bca84b2cb64 - Patch () https://github.com/alextselegidis/easyappointments/commit/b37b46019553089db4f22eb2fe998bca84b2cb64 - Patch
References () https://huntr.dev/bounties/e8d530db-a6a7-4f79-a95d-b77654cc04f8 - Exploit, Patch () https://huntr.dev/bounties/e8d530db-a6a7-4f79-a95d-b77654cc04f8 - Exploit, Patch

02 Aug 2023, 09:15

Type Values Removed Values Added
Summary Improper Access Control in GitHub repository alextselegidis/easyappointments prior to 1.5.0. Authorization Bypass Through User-Controlled Key in GitHub repository alextselegidis/easyappointments prior to 1.5.0.

27 Jul 2023, 19:54

Type Values Removed Values Added
CPE cpe:2.3:a:easyappointments:easyappointments:*:*:*:*:*:*:*:*
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 4.3
First Time Easyappointments easyappointments
Easyappointments
References (MISC) https://github.com/alextselegidis/easyappointments/commit/b37b46019553089db4f22eb2fe998bca84b2cb64 - (MISC) https://github.com/alextselegidis/easyappointments/commit/b37b46019553089db4f22eb2fe998bca84b2cb64 - Patch
References (MISC) https://huntr.dev/bounties/e8d530db-a6a7-4f79-a95d-b77654cc04f8 - (MISC) https://huntr.dev/bounties/e8d530db-a6a7-4f79-a95d-b77654cc04f8 - Exploit, Patch
CWE CWE-284 CWE-639

17 Jul 2023, 07:15

Type Values Removed Values Added
New CVE

Information

Published : 2023-07-17 07:15

Updated : 2024-11-21 08:17


NVD link : CVE-2023-3700

Mitre link : CVE-2023-3700

CVE.ORG link : CVE-2023-3700


JSON object : View

Products Affected

easyappointments

  • easyappointments
CWE
CWE-639

Authorization Bypass Through User-Controlled Key