The application OpenEMR version 5.0.0, 5.0.1-dev and prior is affected by vertical privilege escalation vulnerability. This vulnerability can allow an authenticated non-administrator users to view and modify information only accessible to administrators.
https://www.wizlynxgroup.com/security-research-advisories/vuln/WLX-2017-004