Vulnerability Details CVE-2014-8072
The administration module in OpenMRS 2.1 Standalone Edition allows remote authenticated users to obtain read access via a direct request to /admin.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 42.3%
CVSS Severity
CVSS v2 Score 4.0
References
- http://packetstormsecurity.com/files/128748/OpenMRS-2.1-Access-Bypass-XSS-CSRF.html
- http://www.securityfocus.com/bid/70664
- https://exchange.xforce.ibmcloud.com/vulnerabilities/97693
- http://packetstormsecurity.com/files/128748/OpenMRS-2.1-Access-Bypass-XSS-CSRF.html
- http://www.securityfocus.com/bid/70664
- https://exchange.xforce.ibmcloud.com/vulnerabilities/97693