>> OSCAR EMR 15.21beta361 XSS / Disclosure / CSRF / Insecure Direct Object Reference

OSCAR EMR version 15.21beta361 suffers from remote code execution, cross site request forgery, cross site scripting, denial of service, deserialization, remote SQL injection, and path traversal vulnerabilities.