Urgent - 15 Vulnerabilities in EasyAppointments

Ravid Mazon

unread,

Apr 17, 2024, 5:11:21 AMApr 17

to Easy!Appointments - Support Group

Hey,
8 months ago, our team at Palo Alto Networks confidentially reported 15 vulnerabilities in EasyAppointments, some of which are of critical and pose substantial risks to users. Up to now, we haven’t observed any attempts to mitigate these issues in the code.
This leaves all customers exposed to potential risks as attackers could exploit them and take over EasyAppointments deployment and gain sensitive medical information.
Is there an ETA for the fix?

Alex Tselegidis

unread,

Apr 22, 2024, 12:19:58 PMApr 22

to Easy!Appointments - Support Group

Hello!

Most security issues are being addressed immediately.

Can you please resend your issue report to in...@easyappointments.org for further verification?

Thanks

Alex Tselegidis, Easy!Appointments Creator
Need a customization? Get a free quote!

Ravid Mazon

unread,

Apr 24, 2024, 8:17:37 AMApr 24

to Easy!Appointments - Support Group

We sent it over 8 months and we just sent it again.
What is the ETA for the mitigations?

Alex Tselegidis

unread,

Apr 26, 2024, 7:03:12 AMApr 26

to Easy!Appointments - Support Group

Hello!

Not sure how this is left as most security issues are being carefully checked.

We're currently verifying the cases for their validity and will contact you in person.

Alex Tselegidis, Easy!Appointments Creator
Need a customization? Get a free quote!

BaT DANIEL

unread,

May 21, 2024, 1:50:13 AMMay 21

to Easy!Appointments - Support Group

Hello,

I would be nice to have a feedback on theses Vulnerabilities and potential fix, there is no update to 1.4.3 since 2022.

Alex Tselegidis

unread,

May 27, 2024, 10:58:08 AMMay 27

to Easy!Appointments - Support Group

Hello!

They are all addressed and verified in the develop branch and in the latest 1.5 alpha package

Alex Tselegidis, Easy!Appointments Creator
Need a customization? Get a free quote!

Reply all

Reply to author

Forward