This repository has been archived by the owner on Aug 24, 2024. It is now read-only.

[SECURITY] Currently unpatched critical security bugs #42

Open
sudonoodle opened this issue Jan 26, 2023 · 2 comments

Comments

@sudonoodle

Please do not use ClinicCases in production environments.

I made several attempts to contact JudsonMitchell (and ClinicCases) in mid 2021 and I had no response.

I can only conclude that ClinicCases is no longer supported and will likely not be updated in the future.

Several critical security vulnerabilities exist in the codebase and can lead to a total compromise of the backend data, including SQL injection attacks. See below:

https://www.cvedetails.com/vendor/25367/Cliniccases.html

Public exploits have been available for over a year.

I raise this issue as a courtesy to legitimate users - be careful with your data.

Please avoid using ClinicCases until patches have been released.

@test2a

test2a commented Jan 27, 2023

I got cc installed on php 5 I think last time.........

That says a lot imo

@ninahorne
Collaborator

@sudonoodle @test2a I am currently developing on ClinicCases for version 8. I am primarily reworking the UX and doing very little on the server side. I'm happy to address vulnerabilities but I'm not an expert at PHP.

Happy to work with y'all on finding solutions. Would you be able to give me more specifics on what needs to be fixed?
