VYPR

Data Exchange Module

by Openmrs

CVEs (2)

  • CVE-2020-5733Apr 17, 2020
    risk 0.00cvss epss 0.01

    In OpenMRS 2.9 and prior, the export functionality of the Data Exchange Module does not properly redirect to a login page when an unauthenticated user attempts to access it. This allows the export of potentially sensitive information.

  • CVE-2020-5732Apr 17, 2020
    risk 0.00cvss epss 0.01

    In OpenMRS 2.9 and prior, he import functionality of the Data Exchange Module does not properly redirect to a login page when an unauthenticated user attempts to access it. This allows unauthenticated users to use a feature typically restricted to administrators.