3 matches found
CVE-2021-25920
In OpenEMR, versions v2.7.2-rc1 to 6.0.0 are vulnerable to Improper Access Control when creating a new user, which leads to a malicious user able to read and send sensitive messages on behalf of the victim user...
OpenEMR 2.7.2-rc1 < 6.0.0.1 Access Control Vulnerability
OpenEMR is prone to an access control vulnerability. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:open-emr:openemr";...
CVE-2021-25920
CVE-2021-25920 pertains to OpenEMR. Across multiple connected sources, versions 2.7.2-rc1 to 6.0.0 are affected by an improper access control vulnerability that occurs when creating a new user. The underlying issue allows a malicious, authenticated user to read and send sensitive messages on beha...