Описание
Medical Informatics Engineering Enterprise Health has a cross site request forgery vulnerability that allows an unauthenticated attacker to trick administrative users into clicking a crafted URL and perform actions on behalf of that administrative user. This issue is fixed as of 2025-04-08.
Ссылки
- Third Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:mieweb:enterprise_health:rc202303:*:*:*:*:*:*:*
cpe:2.3:a:mieweb:enterprise_health:rc202309:*:*:*:*:*:*:*
cpe:2.3:a:mieweb:enterprise_health:rc202403:*:*:*:*:*:*:*
cpe:2.3:a:mieweb:enterprise_health:rc202409:*:*:*:*:*:*:*
cpe:2.3:a:mieweb:enterprise_health:rc202503:*:*:*:*:*:*:*
EPSS
Процентиль: 16%
0.0005
Низкий
8.1 High
CVSS3
8.8 High
CVSS3
Дефекты
CWE-352
Связанные уязвимости
CVSS3: 8.1
github
4 месяца назад
Medical Informatics Engineering Enterprise Health has a cross site request forgery vulnerability that allows an unauthenticated attacker to trick administrative users into clicking a crafted URL and perform actions on behalf of that administrative user. This issue is fixed as of 2025-04-08.
EPSS
Процентиль: 16%
0.0005
Низкий
8.1 High
CVSS3
8.8 High
CVSS3
Дефекты
CWE-352