PT-2026-58069 · Unknown · Easyappointments

Published

2026-07-14

·

Updated

2026-07-14

·

CVE-2026-52841

CVSS v3.1

3.1

Low

VectorAV:N/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:N
Name of the Vulnerable Software and Affected Versions Easy!Appointments versions prior to 1.6.0
Description An issue exists where the Google::oauth function at application/controllers/Google.php:278 stores a URL-supplied provider id in the session. Subsequently, the oauth callback function saves the issued Google OAuth token to that row without verifying if the caller owns the provider. This allows any authenticated backend user, such as an admin, provider, or secretary, to rebind another provider's Google synchronization to a Google account under their control. Consequently, the affected provider's appointments, including customer names and emails as attendee data, are synchronized into the attacker's calendar.
Recommendations Update to version 1.6.0.

Exploit

Fix

IDOR

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

CVE-2026-52841
GHSA-8HM4-R66F-29WR

Affected Products

Easyappointments