CVE-2020-13569

2021-01-28T13:15:00
ID CVE-2020-13569
Type cve
Reporter talos-cna@cisco.com
Modified 2022-04-28T19:15:00

Description

A cross-site request forgery vulnerability exists in the GACL functionality of OpenEMR 5.0.2 and development version 6.0.0 (commit babec93f600ff1394f91ccd512bcad85832eb6ce). A specially crafted HTTP request can lead to the execution of arbitrary requests in the context of the victim. An attacker can send an HTTP request to trigger this vulnerability.