CVE-2023-3700: Authorization Bypass Through User-Controlled Key

July 17, 2023 (updated July 27, 2023)

Authorization Bypass Through User-Controlled Key in GitHub repository alextselegidis/easyappointments prior to 1.5.0.

References

github.com/advisories/GHSA-8c6q-26w6-qwhg
github.com/alextselegidis/easyappointments/commit/b37b46019553089db4f22eb2fe998bca84b2cb64
huntr.dev/bounties/e8d530db-a6a7-4f79-a95d-b77654cc04f8
nvd.nist.gov/vuln/detail/CVE-2023-3700

Detect and mitigate CVE-2023-3700 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →