Vulnerability CVE-2024-26476
Published: 2024-02-28   Modified: 2024-02-29

Description:
An issue in open-emr before v.7.0.2 allows a remote attacker to escalate privileges via a crafted script to the formid parameter in the ereq_form.php component.

 References:
https://github.com/mpdf/mpdf/issues/867
https://github.com/c4v4r0n/Research/blob/main/openemr_BlindSSRF/README.md
Copyright 2026, cxsecurity.com

 

Back to Top