CVE-2020-5733

Published: 2020-04-17T19:15Z

Last Modified: 2024-11-21T05:34Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

In OpenMRS 2.9 and prior, the export functionality of the Data Exchange Module does not properly redirect to a login page when an unauthenticated user attempts to access it. This allows the export of potentially sensitive information. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt