GHSA-8c6q-26w6-qwhg

Suggest an improvement
Source
https://github.com/advisories/GHSA-8c6q-26w6-qwhg
Import Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2023/07/GHSA-8c6q-26w6-qwhg/GHSA-8c6q-26w6-qwhg.json
JSON Data
https://api.osv.dev/v1/vulns/GHSA-8c6q-26w6-qwhg
Aliases
Published
2023-07-17T09:30:23Z
Modified
2024-02-16T08:08:26.301503Z
Severity
  • 6.3 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L CVSS Calculator
Summary
Easy!Appointments Improper Access Control vulnerability
Details

Easy!Appointments 1.4.3 and prior has an Improper Access Control vulnerability. This issue is patched at commit b37b46019553089db4f22eb2fe998bca84b2cb64 and anticipated to be part of version 1.5.0.

References

Affected packages

Packagist / alextselegidis/easyappointments

Package

Name
alextselegidis/easyappointments
Purl
pkg:composer/alextselegidis/easyappointments

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.5.0

Affected versions

1.*

1.1.0-beta.1
1.1.0-beta.2
1.1.0
1.1.1
1.2.0-alpha.1
1.2.0-beta.1
1.2.0
1.2.1
1.3.0-alpha.1
1.3.0-beta.1
1.3.0-beta.2
1.3.0
1.3.1-beta.1
1.3.1
1.3.2-beta.1
1.3.2
1.4.0-beta.1
1.4.0
1.4.1
1.4.2-beta.1
1.4.2
1.4.3-beta.1
1.4.3

Database specific

{
    "last_known_affected_version_range": "<= 1.4.3"
}