← Back

Htmlformentry

htmlformentry

Vendor: Openmrs • 1 CVE

CVEs (1)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2020-24621
1Openmrs
1Htmlformentry
Nov 21, 2024
Sep 25, 2020
N/A· v4
8.8 HIGH· v3
6.5 MEDIUM· v2
A remote code execution (RCE) vulnerability was discovered in the htmlformentry (aka HTML Form Entry) module before 3.11.0 for OpenMRS. By leveraging path traversal, a malicious Velocity Template Language file could be w...Show more
A remote code execution (RCE) vulnerability was discovered in the htmlformentry (aka HTML Form Entry) module before 3.11.0 for OpenMRS. By leveraging path traversal, a malicious Velocity Template Language file could be written to a directory. This file could then be accessed and executed.Show less