CVE-2023-32295

Summary

CVE-2023-32295 is a new vulnerability affecting Easy!Appointments, a scheduling software. The issue involves a missing authorization check, which allows unauthorized users to access sensitive data or perform unintended actions within the application. Specifically, this flaw affects all versions of Easy!Appointments from n/a through 1.3.3. With this vulnerability, attackers can potentially gain unauthorized access to appointment data, customer information, or modify appointments for other users. Organizations and individuals using this software are advised to update to a fixed version as soon as possible to mitigate the risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.