CVE-2023-3288 Information

Description

A BOLA vulnerability in POST /providers allows a low privileged user to create a privileged user (provider) in the system. This results in privilege escalation.

Reference

https://github.com/alextselegidis/easyappointments