Maplebluexo

**Name of the Vulnerable Software and Affected Versions** open-emr versions prior to 7.0.2 **Description** An issue in open-emr allows a remote attacker to escalate privileges via a crafted script to the `formid` parameter in the ereq form.php component. **Recommendations** For versions prior to 7.0.2, update to version 7.0.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the ereq form.php component to minimize the risk of exploitation. Avoid using the `formid` parameter in the affected component until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** mPDF versions prior to 7.1.7 **Description** The issue allows for Server-Side Request Forgery (SSRF) if mPDF is deployed as a web application that accepts arbitrary HTML. This can be demonstrated by an `<img src="http://192.168>` substring that triggers a call to `getImage` in `Image/ImageProcessor.php`. It is worth noting that the software maintainer disputes this issue, stating that allowing users to pass HTML without sanitizing it is inherently problematic. **Recommendations** For mPDF versions prior to 7.1.7, as a temporary workaround, consider sanitizing all user-provided HTML to prevent SSRF attacks. Restrict access to the `getImage` function in `Image/ImageProcessor.php` to minimize the risk of exploitation. Avoid using the `src` attribute in the `<img>` tag in the affected API endpoint until the issue is resolved.