OpenEMR version 6.0.0 suffers from an insecure direct object reference vulnerability.
cfdad061a5f147865a0eb5338656760f
# Exploit Title: Openemr 6.0.0 - Insecure direct object references
# Date: 31/8/2021
# Exploit Author: Allen Enosh Upputori
# Vendor Homepage: https://community.open-emr.org
# Version: 6.0.0
# Tested on: Linux
# CVE: 2021-40352
PoC: An attacker who has Physician Access can read messages with were sent to others members including admin messages the vulnerability exits in the print message feature = "pnotes_print.php?noteid=16" changing the "noteid=" to any other number will reveal the messages of everyone
https://github.com/allenenosh/CVE-2021-40352