4 matches found
EUVD-2017-4333
Malware in sbrugna...
CVE-2017-12796
The Reporting Compatibility Add On before 2.0.4 for OpenMRS, as distributed in OpenMRS Reference Application before 2.6.1, does not authenticate users when deserializing XML input into ReportSchema objects. The result is that remote unauthenticated users are able to execute operating system...
Cross site request forgery (csrf)
The Reporting Compatibility Add On before 2.0.4 for OpenMRS, as distributed in OpenMRS Reference Application before 2.6.1, does not authenticate users when deserializing XML input into ReportSchema objects. The result is that remote unauthenticated users are able to execute operating system...
CVE-2017-12796
The CVE-2017-12796 issue affects the OpenMRS Reporting Compatibility Add On prior to 2.0.4 (distributed in the OpenMRS Reference Application prior to 2.6.1). It does not authenticate users during XML deserialization into ReportSchema objects, allowing remote unauthenticated users to execute opera...