mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-28 01:04:30 +00:00
849 B
849 B
CVE-2020-28937
Description
OpenClinic version 0.8.2 is affected by a missing authentication vulnerability that allows unauthenticated users to access any patient's medical test results, possibly resulting in disclosure of Protected Health Information (PHI) stored in the application, via a direct request for the /tests/ URI.
POC
Reference
- https://labs.bishopfox.com/advisories/openclinic-version-0.8.2
- https://labs.bishopfox.com/advisories/openclinic-version-0.8.2
Github
No PoCs found on GitHub currently.