CNNVD-202601-4629 Information
CNNVD ID
CNNVD-202601-4629
Related CVE
- CNNVD Published: 2026-01-28
Description (Chinese)
OpenEMR是OpenEMR社区的一套开源的医疗管理系统。该系统可用于医疗实践管理、电子医疗记录、处方书写和医疗帐单申请。 OpenEMR 7.0.4之前版本存在访问控制错误漏洞,该漏洞源于Profile Edit端点存在访问控制缺陷,可能导致用户修改其他用户的个人资料数据。
Description (English)
OpenEMR is an open-source medical management system for the OpenEMR community. The system can be used for medical practice management, electronic medical records, prescription writing and medical billing applications. There was a bug in access control in the previous version of OpenEMR 7.4, which stemmed from access control deficiencies at the Profile Edit endpoint, which could lead users to modify the personal data of other users.
Hazard Level
Medium
Vulnerability Type
访问控制错误
Affected Vendor
OpenEMR
Published
2026-01-28
Last Modified
2026-02-24
References
https://github.com/openemr/openemr/commit/e2a682ee71aac71a9f04ae566f4ffca10052bc4a https://github.com/openemr/openemr/security/advisories/GHSA-vjmv-cf46-gffv
Patch
https://www.open-emr.org/wiki/index.php/OpenEMR_Downloads
Share on: