CVE-2019-3967

Summary

In OpenEMR 5.0.1 and earlier, the patient file download interface contains a directory traversal flaw that allows authenticated attackers to download arbitrary files from the host system.

Affected Software

VendorProductVersion RangeStatus
n/aOpenEMR5.0.1 and earlieraffected

Weaknesses

  • Directory traversal

ADP Enrichment

CVE Program Container

Additional References

References