Critical Security Fix for CVE-2017-16540
From OpenEMR Project Wiki
- There is a critical security vulnerability in OpenEMR before 5.0.0 Patch 5 . More details can be found here: https://nvd.nist.gov/vuln/detail/CVE-2017-16540
- In order to protect yourself from this vulnerability:
- If using OpenEMR 5.0.0:
- If using OpenEMR 4.2.2 or lower:
- Remove the setup.php file from the openemr web directory.