CVE-2018-25096

MEDIUM

MdAlAmin-aol Own Health Record <0.4-alpha - CSRF

Title source: llm
STIX 2.1

Description

A vulnerability was found in MdAlAmin-aol Own Health Record 0.1-alpha/0.2-alpha/0.3-alpha/0.3.1-alpha. It has been rated as problematic. This issue affects some unknown processing of the file includes/logout.php. The manipulation leads to cross-site request forgery. The attack may be initiated remotely. Upgrading to version 0.4-alpha is able to address this issue. The patch is named 58b413aa40820b49070782c786c526850ab7748f. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-249191.

References (4)

Core 4

Scores

CVSS v3 4.3
EPSS 0.0032
EPSS Percentile 23.3%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Details

CWE
CWE-352
Status published
Products (1)
petrk94/ownhealthrecord < 0.4
Published Dec 30, 2023
Tracked Since Feb 18, 2026