Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Apperta Foundation OpenEyes 3.5.1 allows remote attackers to view the sensitive information of patients without having the intended level of privilege. Despite OpenEyes returning a Forbidden error message, the contents of a patient's profile are still returned in the server response. This response can be read in an intercepting proxy or by viewing the page source. Sensitive information returned in responses includes patient PII and medication records or history.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Apperta Foundation OpenEyes 信息泄露漏洞
Vulnerability Description
Apperta Foundation OpenEyes是Apperta Foundation基金会的一个开源电子病历(ERP)。 Apperta Foundation OpenEyes 3.5.1 存在安全漏洞,该漏洞允许远程攻击者在没有预期权限级别的情况下查看患者的敏感信息。
CVSS Information
N/A
Vulnerability Type
N/A