Booking logic flaw in Easy!Appointments v1.5.1 allows unauthenticated attackers to create appointments with excessively long durations, causing a denial of service by blocking all future booking availability.
References
Link | Resource |
---|---|
https://github.com/Abdullah4eb/CVE-2025-29448 |
Configurations
No configuration.
History
12 May 2025, 19:15
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.5 |
CWE | CWE-284 |
08 May 2025, 18:15
Type | Values Removed | Values Added |
---|---|---|
Summary | (en) Booking logic flaw in Easy!Appointments v1.5.1 allows unauthenticated attackers to create appointments with excessively long durations, causing a denial of service by blocking all future booking availability. |
08 May 2025, 14:39
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
07 May 2025, 15:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2025-05-07 15:15
Updated : 2025-05-12 19:15
NVD link : CVE-2025-29448
Mitre link : CVE-2025-29448
CVE.ORG link : CVE-2025-29448
JSON object : View
Products Affected
No product.
CWE
CWE-284
Improper Access Control