Authenticated Remote Code Execution in OpenMRS



Early in May of 2020, Contrast Labs was exploring different ways in which we could help the community or world combat the increase in attacks against medical and testing facilities. We decided quickly that doing some form of hack-a-thon on OpenMRS (an open medical records system) would help us learn but at the same time help OpenMRS find any application vulnerabilities they could fix to increase their security posture.

Read more…