OpenMRS < 2.2
High Nessus Network Monitor Plugin ID 8572
SynopsisThe remote web server is vulnerable to an authentication bypass flaw
DescriptionThe remote host is running the OpenMRS software. OpenMRS is a project for sharing electronic medical records. The observed version of OpenMRS is vulnerable to the following vulnerabilities :
1. HTML-injection vulnerabilities
2. Cross-site scripting vulnerabilities
3.Cross-site request forgery vulnerabilities
4. An access bypass vulnerability. An attacker, exploiting these flaws, would be able to gain access to confidential data.
SolutionContact the vendor for a fix.