exploitDog

GHSA-vp9q-x4hq-pp7p

Опубликовано: 13 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 7.5

Описание

The csv_log_html function in library/edihistory/edih_csv_inc.php in OpenEMR 5.0.0 and prior allows attackers to bypass intended access restrictions via a crafted name.

The csv_log_html function in library/edihistory/edih_csv_inc.php in OpenEMR 5.0.0 and prior allows attackers to bypass intended access restrictions via a crafted name.

Ссылки

EPSS

Процентиль: 69%

0.00593

Низкий

7.5 High

CVSS3

CVE ID

Дефекты

CWE-116

Связанные уязвимости

CVE-2017-12064

CVSS3: 7.5

nvd

больше 8 лет назад

The csv_log_html function in library/edihistory/edih_csv_inc.php in OpenEMR 5.0.0 and prior allows attackers to bypass intended access restrictions via a crafted name.

EPSS

Процентиль: 69%

0.00593

Низкий

7.5 High

CVSS3

CVE ID

Дефекты

CWE-116