exploitDog

GHSA-427h-c47c-jgj4

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

Описание

OpenEMR 5.0.1.3 allows Cross-Site Request Forgery (CSRF) via library/ajax and interface/super, as demonstrated by use of interface/super/manage_site_files.php to upload a .php file.

OpenEMR 5.0.1.3 allows Cross-Site Request Forgery (CSRF) via library/ajax and interface/super, as demonstrated by use of interface/super/manage_site_files.php to upload a .php file.

Ссылки

EPSS

Процентиль: 4%

0.00019

Низкий

CVE ID

Дефекты

CWE-352

Связанные уязвимости

CVE-2018-16795

CVSS3: 8.8

nvd

около 5 лет назад

OpenEMR 5.0.1.3 allows Cross-Site Request Forgery (CSRF) via library/ajax and interface/super, as demonstrated by use of interface/super/manage_site_files.php to upload a .php file.

EPSS

Процентиль: 4%

0.00019

Низкий

CVE ID

Дефекты

CWE-352