CVE-2021-40352
Opnemr Version 6.0.0 Has a security vulnerability where an attacker who has Physician Access can read messages with were sent to others members including admin messages
the vulnerability exits in the print message feature = "pnotes_print.php?noteid=16"
changing the "noteid=" to any other number will reveal the messages of everyone
Discovered by Allen Enosh Upputori , September 2021 .
CVE issued 31/08/2021
Check the CVE listed here : https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40352.