Authenticated Unrestricted File Deletion Vulnerability in LibreHealthIO lh-ehr Version REL-2.0.0

Authenticated Unrestricted File Deletion Vulnerability in LibreHealthIO lh-ehr Version REL-2.0.0

CVE-2018-1000647 · MEDIUM Severity

AV:N/AC:L/AU:S/C:N/I:P/A:P

LibreHealthIO lh-ehr version REL-2.0.0 contains a Authenticated Unrestricted File Deletion vulnerability in Import template that can result in Denial of service. This attack appear to be exploitable via User controlled parameter.

Learn more about our User Device Pen Test.