In OpenMRS 2.9 and prior, the export functionality of the Data Exchange Module does not properly redirect to a login page when an unauthenticated user attempts to access it. This allows the export of potentially sensitive information.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
openmrs openmrs |