A BOLA vulnerability in POST /admins allows a low privileged user to create a high privileged user (admin) in the system. This results in privilege escalation.CreditsRavid MazonJay ChenReferenceshttps://github.com/alextselegidis/easyappointments
