An issue was discovered in OpenClinic GA 5.247.01. An Information Disclosure vulnerability has been identified in the printAppointmentPdf.jsp component of OpenClinic GA. By changing the AppointmentUid parameter, an attacker can determine whether a specific appointment exists based on the error message.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2024-03-19T00:00:00
Updated: 2024-08-02T18:31:52.378Z
Reserved: 2023-08-14T00:00:00
Link: CVE-2023-40278
Vulnrichment
Updated: 2024-08-02T18:31:52.378Z
NVD
Status : Awaiting Analysis
Published: 2024-03-19T12:15:07.473
Modified: 2024-08-01T13:44:29.937
Link: CVE-2023-40278
Redhat
No data.