https://www.theregister.co.uk/2018/08/07/openemr_vulnerabilities/

Fresh light has been shed on a batch of security vulnerabilities discovered in the widely used OpenEMR medical records storage system.

A team of researchers at Project Insecurity discovered and reported the flaws, which were patched last month by the OpenEMR developers in version 5.0.1.4. With the fixes now having been out for several weeks, the infosec crew on Tuesday publicly emitted full details of the critical security bugs, with a disclosure [PDF] so long it has its own table of contents.