Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

OpenMRS < 2.2

High

Synopsis

The remote web server is vulnerable to an authentication bypass flaw

Description

The remote host is running the OpenMRS software. OpenMRS is a project for sharing electronic medical records. The observed version of OpenMRS is vulnerable to the following vulnerabilities : 1. HTML-injection vulnerabilities 2. Cross-site scripting vulnerabilities 3.Cross-site request forgery vulnerabilities 4. An access bypass vulnerability. An attacker, exploiting these flaws, would be able to gain access to confidential data.

Solution

Contact the vendor for a fix.