SQL Injection Vulnerability in eClinicalWorks Population Health (CCMR)

SQL Injection Vulnerability in eClinicalWorks Population Health (CCMR)

CVE-2015-4592 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:P/A:P

eClinicalWorks Population Health (CCMR) suffers from an SQL injection vulnerability in portalUserService.jsp which allows remote authenticated users to inject arbitrary malicious database commands as part of user input.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.