CVE-2018-16795

Publication date

2020-12-31 02:32:43

Family

mitre

State

PUBLISHED

Description

OpenEMR 5.0.1.3 allows Cross-Site Request Forgery (CSRF) via library/ajax and interface/super, as demonstrated by use of interface/super/manage_site_files.php to upload a .php file.