Pricing Enterprise

CVE-2024-37734

9.8CRITICAL

An issue in OpenEMR 7.0.2 allows a remote attacker to escalate privileges viaa crafted POST request using the noteid parameter.

Published: 6/26/2024Updated: 5/1/2025

View on NVD View on MITRE

Description

An issue in OpenEMR 7.0.2 allows a remote attacker to escalate privileges viaa crafted POST request using the noteid parameter.

AI AnalysisPowered by AI

Affected Products

open-emropenemr

7.0.2

References

https://github.com/A3h1nt/CVEs/tree/main/OpenEMR
ExploitThird Party Advisory
https://github.com/openemr/openemr/pull/7435#event-12872646667
PatchVendor Advisory
https://github.com/A3h1nt/CVEs/tree/main/OpenEMR
ExploitThird Party Advisory
https://github.com/openemr/openemr/pull/7435#event-12872646667
PatchVendor Advisory