CVE-2020-11436

CVE-2020-11436

EPSS 1.3%

LibreHealth EMR v2.0.0 is vulnerable to XSS that results in the ability to force arbitrary actions on behalf of other users including administrators.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://know.bishopfox.com/advisories https://labs.bishopfox.com/advisories/librehealth-version-2.0.0-0 https://librehealth.io/