CVE-2022-25471

Published March 3rd, 2022

View on NVD ↗

CVSS v3

8.1

HIGH

CVSS v2

5.5

MEDIUM

Affected

PROJECT

Description

An Insecure Direct Object Reference (IDOR) vulnerability in OpenEMR 6.0.0 allows any authenticated attacker to access and modify unauthorized areas via a crafted POST request to /modules/zend_modules/public/Installer/register.

openemr/openemr

The most popular open source electronic health records and medical practice management solution.

GitHub

5.21K