Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
OpenEMR has Improper ACL On Import/Export Popup
Vulnerability Description
OpenEMR is a free and open source electronic health records and medical practice management application. Versions prior to 8.0.0.3 have an improper access control on the Import/Export functionality, allowing unauthorized users to perform import and export actions through direct request manipulation despite UI restrictions. This can lead to unauthorized data access, bulk data extraction, and manipulation of system data. Version 8.0.0.3 contains a fix.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
Vulnerability Type
授权机制不恰当
Vulnerability Title
OpenEMR 安全漏洞
Vulnerability Description
OpenEMR是OpenEMR社区的一套开源的医疗管理系统。该系统可用于医疗实践管理、电子医疗记录、处方书写和医疗帐单申请。 OpenEMR 8.0.0.3之前版本存在安全漏洞,该漏洞源于导入/导出功能存在访问控制不当,可能导致未经授权用户通过直接请求操作执行导入和导出操作,进而导致未经授权的数据访问、批量数据提取和系统数据操纵。
CVSS Information
N/A
Vulnerability Type
N/A