Browse all 3 CVE security advisories affecting easyappointments. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Easyappointments is an open-source appointment scheduling system designed for managing bookings and resources. Historically, it has been vulnerable to multiple security issues including remote code execution, cross-site scripting, and privilege escalation vulnerabilities. The application has three CVEs on record, with some allowing unauthenticated attackers to execute arbitrary code or access sensitive data. Security researchers have identified input validation flaws and insufficient access controls as recurring problems. While no major public security incidents have been widely documented, the consistent discovery of vulnerabilities in its codebase highlights the importance of regular updates and security hardening for organizations using this scheduling solution.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-2262 | Easy Appointments <= 3.12.21 - Unauthenticated Sensitive Information Exposure via REST API — Easy AppointmentsCWE-200 | 7.5 | High | 2026-04-17 |
| CVE-2024-2844 | Easy Appointments <= 3.11.18 - Insufficient Authorization — Easy AppointmentsCWE-862 | 4.3 | Medium | 2024-03-29 |
| CVE-2024-2842 | Easy Appointments <= 3.11.18 - Authenticated (Contributor+) Stored Cross-Site Scripting — Easy AppointmentsCWE-79 | 6.4 | Medium | 2024-03-29 |
This page lists every published CVE security advisory associated with easyappointments. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.