A vulnerability was found in easyappointments up to 1.4.x and classified as critical. This issue affects some unknown processing of the file /customers/{customerId}. The manipulation leads to authorization bypass.
The identification of this vulnerability is CVE-2023-38054. The attack may be initiated remotely. There is no exploit available.
It is recommended to upgrade the affected component.