CNNVD-202601-4630 Information
CNNVD ID
CNNVD-202601-4630
Related CVE
- CNNVD Published: 2026-01-28
Description (Chinese)
OpenEMR是OpenEMR社区的一套开源的医疗管理系统。该系统可用于医疗实践管理、电子医疗记录、处方书写和医疗帐单申请。 OpenEMR 7.0.4之前版本存在信息泄露漏洞,该漏洞源于访问控制不当,可能导致未授权用户查看和修改敏感数据。
Description (English)
OpenEMR is an open-source medical management system for the OpenEMR community. The system can be used for medical practice management, electronic medical records, prescription writing and medical billing applications. There was an information leakage loophole in the previous version of OpenEMR 7.0.4, which stemmed from inadequate access controls and could lead to unauthorized users viewing and modifying sensitive data.
Hazard Level
High
Vulnerability Type
信息泄露
Affected Vendor
OpenEMR
Published
2026-01-28
Last Modified
2026-02-24
References
https://github.com/openemr/openemr/commit/aef3d1c85d9ff2f28d3d361d2818aee79b6dcd33 https://github.com/openemr/openemr/security/advisories/GHSA-739g-6m63-p7fr
Patch
https://www.open-emr.org/wiki/index.php/OpenEMR_Downloads
Share on: