OpenEMR 6.0.0 Insecure Direct Object Reference

OpenEMR version 6.0.0 suffers from an insecure direct object reference vulnerability.


MD5 | cfdad061a5f147865a0eb5338656760f

# Exploit Title: Openemr 6.0.0 - Insecure direct object references 
# Date: 31/8/2021
# Exploit Author: Allen Enosh Upputori
# Vendor Homepage: https://community.open-emr.org
# Version: 6.0.0
# Tested on: Linux
# CVE: 2021-40352

PoC: An attacker who has Physician Access can read messages with were sent to others members including admin messages the vulnerability exits in the print message feature = "pnotes_print.php?noteid=16" changing the "noteid=" to any other number will reveal the messages of everyone

https://github.com/allenenosh/CVE-2021-40352


Related Posts