Описание
A BOLA vulnerability in POST /services allows a low privileged user to create a service for any user in the system (including admin). This results in unauthorized data manipulation.
Уязвимые конфигурации
Конфигурация 1Версия до 1.5.0 (исключая)
cpe:2.3:a:easyappointments:easyappointments:*:*:*:*:*:*:*:*
EPSS
Процентиль: 36%
0.00154
Низкий
7.7 High
CVSS3
6.5 Medium
CVSS3
Дефекты
CWE-639
CWE-639
Связанные уязвимости
CVSS3: 7.7
github
больше 1 года назад
A BOLA vulnerability in POST /services allows a low privileged user to create a service for any user in the system (including admin). This results in unauthorized data manipulation.
EPSS
Процентиль: 36%
0.00154
Низкий
7.7 High
CVSS3
6.5 Medium
CVSS3
Дефекты
CWE-639
CWE-639