Primary

Context

Medical Informatics Engineering Enterprise Health Cross-Site Request Forgery Vulnerability

Vulnerability

A cross-site request forgery (CSRF) vulnerability has been identified in Medical Informatics Engineering Enterprise Health. This vulnerability allows an unauthenticated attacker to deceive administrative users into clicking a manipulated URL, thereby performing actions on behalf of the administrative user. The issue affects several release candidates prior to April 8, 2025.

Impact

Exploitation of this vulnerability could lead to unauthorized actions being performed by administrative users, potentially allowing attackers to manipulate data or system settings within the application.

Remediation

Users can update to the latest version of Medical Informatics Engineering Enterprise Health to address this vulnerability.

Added: Sep 29, 2025, 8:19 PM

Updated: Sep 29, 2025, 8:19 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

5.0

exploitability

6.4

remediation

0.0

relevance

0.6

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

5.0

exploitability

6.4

remediation

0.0

relevance

0.6

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Medical Informatics Engineering Enterprise Health Cross-Site Request Forgery Vulnerability

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating