CVE-2019-3968

Summary

In OpenEMR 5.0.1 and earlier, an authenticated attacker can execute arbitrary commands on the host system via the Scanned Forms interface when creating a new form.

Affected Software

VendorProductVersion RangeStatus
n/aOpenEMR5.0.1 and earlieraffected

Weaknesses

  • Command Injection

ADP Enrichment

CVE Program Container

Additional References

References