Urgent - 15 Vulnerabilities in EasyAppointments still not fixed in the latest version
92 views
Skip to first unread message
Ravid Mazon
Jun 17, 2024, 9:25:25 AMJun 17
to Easy!Appointments - Support Group
Hello,
As a reminder, 10 months ago (August 2023), our team at Palo Alto Networks confidentially reported 15 vulnerabilities in EasyAppointments, some of which are of critical and pose substantial risks to users.
Although these issues were fixed in a develop branch, up to now, there is no stable version that contains the fix for these issues.
This is a reference the previous ticket we opened 2 months ago: https://groups.google.com/g/easy-appointments/c/_AC1_0KoYvE
We urge you to prioritize the release of a stable version incorporating these security fixes. The users of EasyAppointments rely on the application's security, and delaying the public release of these fixes continues to put them at risk.
As a reminder, 10 months ago (August 2023), our team at Palo Alto Networks confidentially reported 15 vulnerabilities in EasyAppointments, some of which are of critical and pose substantial risks to users.
Although these issues were fixed in a develop branch, up to now, there is no stable version that contains the fix for these issues.
This is a reference the previous ticket we opened 2 months ago: https://groups.google.com/g/easy-appointments/c/_AC1_0KoYvE
We urge you to prioritize the release of a stable version incorporating these security fixes. The users of EasyAppointments rely on the application's security, and delaying the public release of these fixes continues to put them at risk.
Alex Tselegidis
Jun 20, 2024, 11:50:51 AMJun 20
to Easy!Appointments - Support Group
Hello Ravid,
Alex Tselegidis, Easy!Appointments Creator
Need a customization? Get a free quote!
As a reminder, I had already informed you in person that first we need to patch all the 1.5 Alpha issues (which we're successfully almost completed).
The 1.5 Beta is the next step ;)
Alex Tselegidis, Easy!Appointments Creator Need a customization? Get a free quote!
Aviv Sasson
Jun 24, 2024, 4:35:50 AM (12 days ago) Jun 24
to Easy!Appointments - Support Group
Hi Alex,
The fix for these critical issue keeps getting delayed, putting users at serious risk for almost a year now.
The fix for these critical issue keeps getting delayed, putting users at serious risk for almost a year now.
When should we expect a new version with fixes for those critical vulnerabilities?
Alex Tselegidis
Jul 1, 2024, 4:24:36 AM (5 days ago) Jul 1
to Easy!Appointments - Support Group
Hello!
Beta release became available today.
Depending on how many issues are reported I would expect stable to become available in a week or two
Reply all
Reply to author
Forward
0 new messages