A BOLA vulnerability in POST /providers allows a low privileged user to create a privileged user (provider) in the system. This results in privilege escalation.CreditsRavid MazonJay ChenReferenceshttps://github.com/alextselegidis/easyappointments