OSCAR EMR 15.21beta361 XSS / Disclosure / CSRF / Insecure Direct Object Reference
Posted on 23 August 2018
OSCAR EMR version 15.21beta361 suffers from remote code execution, cross site request forgery, cross site scripting, denial of service, deserialization, remote SQL injection, and path traversal vulnerabilities.
