CVE-2020-29140
OpenEMR is affected by CVE-2020-29140: a SQL injection in interface/reports/immunization_report.php susceptible to exploitation by a remote authenticated attacker via the form_code parameter. The issue affects OpenEMR prior to version 5.0.2.5. The vulnerability is due to improper handling of user...