MdAlAmin-aol Own Health Record logout.php cross-site request forgery
CVE-2018-25096

4.3MEDIUM

Key Information:

Vendor

Mdalamin-aol

Status
Own Health Record
Vendor
CVE Published:
30 December 2023

What is CVE-2018-25096?

A vulnerability was found in MdAlAmin-aol Own Health Record 0.1-alpha/0.2-alpha/0.3-alpha/0.3.1-alpha. It has been rated as problematic. This issue affects some unknown processing of the file includes/logout.php. The manipulation leads to cross-site request forgery. The attack may be initiated remotely. Upgrading to version 0.4-alpha is able to address this issue. The patch is named 58b413aa40820b49070782c786c526850ab7748f. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-249191.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Own Health Record 0.1-alpha

Own Health Record 0.2-alpha

Own Health Record 0.3-alpha

References

https://vuldb.com/?id.249191
vdb-entry
https://vuldb.com/?ctiid.249191
signaturepermissions-required
https://github.com/MdAlAmin-aol/ownhealthrecord/commit/58...
patch

CVSS V3.1

Score:
4.3
Severity:
MEDIUM
Confidentiality:
None
Integrity:
Low
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

VulDB GitHub Commit Analyzer
JSON
.