The csv_log_html function in library/edihistory/edih_csv_inc.php in OpenEMR 5.0.0 and prior allows attackers to bypass intended access restrictions via a crafted name.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2017-08-01T05:00:00
Updated: 2024-08-05T18:28:15.046Z
Reserved: 2017-07-31T00:00:00
Link: CVE-2017-12064
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2017-08-01T05:29:00.210
Modified: 2019-10-03T00:03:26.223
Link: CVE-2017-12064
Redhat
No data.