The exploit demonstrates a local file disclosure vulnerability in OpenMRS by leveraging a directory traversal attack via the 'url' parameter in the 'viewPortlet.htm' script. The provided URLs show how an attacker can access sensitive files like 'web.xml' and 'pom.xml' by traversing directories.
Classification
Working Poc 90%
Target:
OpenMRS 2.3, 2.2, 2.1, 2.0 (Platform 1.11.4, 1.11.2, 1.10.0) and OpenMRS-TB System (OpenMRS 1.9.7)
No auth needed
Prerequisites:
Access to the OpenMRS web interface