2 matches found
CVE-2026-24896
OpenEMR prior to version 8.0.0 contains a Broken Access Control vulnerability in the edih_main.php endpoint. An authenticated user, including low-privilege roles (e.g., Receptionist), can access EDI log files by manipulating the log_select parameter in a GET request. The backend does not enforce ...
OpenEMR 访问控制错误漏洞
OpenEMR is a set of open-source medical management systems developed by the OpenEMR community. This system can be used for medical practice management, electronic medical records, prescription writing, and medical billing applications. Prior to OpenEMR 8.0.0, there was an access control...