OpenEMR 5.0.1.3 allows Cross-Site Request Forgery (CSRF) via library/ajax and interface/super, as demonstrated by use of interface/super/manage_site_files.php to upload a .php file.
Max CVSS
8.8
EPSS Score
0.25%
Published
2020-12-31
Updated
2021-01-05
1 vulnerabilities found