I learned today about vulnerability CVE-2025-25929 (see also CVEs/OpenMRS at main · johnchd/CVEs · GitHub. The report states that /legacyui/quickReportServlet of Openmrs 2.4.3 Build 0ff0ed is affected. Is only this specific build affected, or does this also affect other versions? Which versions are affected?
Did you get a chance to look at this? OpenMRS Critical Security Advisory 2025-01-30
I did not see that post, thanks!
I will upgrade the modules/versions specified in that post.