CVE-2021-25923

CVE-2021-25923

In OpenEMR, versions 5.0.0 to 6.0.0.1 are vulnerable to weak password requirements as it does not enforce a maximum password length limit. If a malicious user is aware of the first 72 characters of the victim user’s password, he can leverage it to an account takeover.

Source: CVE-2021-25923

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다