An SQL Injection vulnerability exists in OpenMRS Reference Application Standalone Edition <=2.11 and Platform Standalone Edition <=2.4.0 via GET requests on arbitrary parameters in patient.page.
CPE | Name | Operator | Version |
---|---|---|---|
openmrs | le | 2.4.0 | |
reference_application | le | 2.11 |