12 matches found
CVE-2026-25135
OpenEMR prior to version 8.0.0 contains an information disclosure vulnerability accessible to authenticated clients with the system/(Group,Patient,*).$export operation and system/Location.read capabilities. The flaw allows leaking the entire contact information for all users, organizations, and p...
CVE-2026-25135 OpenEMR's location resource for Group.$export operation returns entire patient/user population contact information
OpenEMR is a free and open source electronic health records and medical practice management application. Versions prior to 8.0.0 have an information disclosure vulnerability that leaks the entire contact information for all users, organizations, and patients in the system to anyone who has the...
CVE-2026-25135 OpenEMR's location resource for Group.$export operation returns entire patient/user population contact information
OpenEMR is a free and open source electronic health records and medical practice management application. Versions prior to 8.0.0 have an information disclosure vulnerability that leaks the entire contact information for all users, organizations, and patients in the system to anyone who has the...
CVE-2022-39960
The Netic Group Export add-on before 1.0.3 for Atlassian Jira does not perform authorization checks. This might allow an unauthenticated user to export all groups from the Jira instance by making a groupexportdownload=true request to a plugins/servlet/groupexportforjira/admin/ URI...
VulnCheck KEV: CVE-2022-39960
The Netic Group Export add-on before 1.0.3 for Atlassian Jira does not perform authorization checks. This might allow an unauthenticated user to export all groups from the Jira instance by making a groupexportdownload=true request to a plugins/servlet/groupexportforjira/admin/ URI...
CVE-2022-39960
The Netic Group Export add-on before 1.0.3 for Atlassian Jira does not perform authorization checks. This might allow an unauthenticated user to export all groups from the Jira instance by making a groupexportdownload=true request to a plugins/servlet/groupexportforjira/admin/ URI...
CVE-2022-39960
The Netic Group Export add-on before 1.0.3 for Atlassian Jira does not perform authorization checks. This might allow an unauthenticated user to export all groups from the Jira instance by making a groupexportdownload=true request to a plugins/servlet/groupexportforjira/admin/ URI...
CVE-2022-39960
The Netic Group Export add-on before 1.0.3 for Atlassian Jira does not perform authorization checks. This might allow an unauthenticated user to export all groups from the Jira instance by making a groupexportdownload=true request to a plugins/servlet/groupexportforjira/admin/ URI...
Authorization
The Netic Group Export add-on before 1.0.3 for Atlassian Jira does not perform authorization checks. This might allow an unauthenticated user to export all groups from the Jira instance by making a groupexportdownload=true request to a plugins/servlet/groupexportforjira/admin/ URI...
CVE-2022-39960
The Netic Group Export add-on before 1.0.3 for Atlassian Jira does not perform authorization checks. This might allow an unauthenticated user to export all groups from the Jira instance by making a groupexportdownload=true request to a plugins/servlet/groupexportforjira/admin/ URI...
CVE-2022-39960
The CVE-2022-39960 issue affects the Netic Group Export add-on for Atlassian Jira, prior to version 1.0.3. The extension does not perform authorization checks, enabling an unauthenticated user to export all groups by calling groupexport_download=true on plugins/servlet/groupexportforjira/admin/. ...
Atlassian Jira 安全漏洞
Atlassian Jira is a defect tracking management system from Atlassian Australia. The system is mainly used to track and manage various issues and defects in the workplace. A security vulnerability exists in Atlassian Jira Netic Group Export versions prior to 1.0.3 that stems from not performing...