CVE-2026-24898

OpenEMR · OpenEMR (MedEx Module)

An unauthenticated token disclosure in OpenEMR's MedEx callback endpoint leaks API tokens, leading to PHI exfiltration and HIPAA violations.

Executive summary

OpenEMR contains a critical vulnerability where an unauthenticated attacker can steal MedEx API tokens, resulting in the exposure of sensitive patient health information.

Vulnerability

The MedEx callback endpoint explicitly bypasses authentication ($ignoreAuth = true). By providing a callback_key via POST, an unauthenticated visitor triggers a login process that returns the full JSON response, including sensitive MedEx API tokens.
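To make the flaw concrete, the following added example (not OpenEMR's code) models the two patterns side by side in Python: a callback handler that skips authentication and echoes the full login result, and a hardened handler that requires a server-side shared secret compared in constant time, restricts the caller's source network, and never returns tokens to the caller. The `_medex_login` stub, the shared-secret design and the `allowed_networks` parameter are assumptions made for the illustration.

```python
import hmac
import ipaddress
from typing import Iterable

def _medex_login(callback_key: str) -> dict:
    """Constructed stand-in for the MedEx login step. The key is accepted but not
    used; the returned structure is illustrative, not OpenEMR's real format."""
    return {
        "success": True,
        "MedEx": {"api_token": "CONSTRUCTED-API-TOKEN", "account": "demo"},
    }

def vulnerable_callback(post: dict) -> dict:
    """Model of the flawed pattern: no authentication of the caller (the
    $ignoreAuth-style bypass), any POSTed callback_key triggers the login, and
    the whole login response, tokens included, is sent back to the caller."""
    key = post.get("callback_key")
    if not key:
        return {"success": False}
    return _medex_login(key)   # api_token leaves the server with this response

def hardened_callback(post: dict, remote_ip: str, shared_secret: str,
                      allowed_networks: Iterable[str]) -> dict:
    """Hardened pattern (assumed design): the caller must come from an
    allow-listed network and present a server-side shared secret, compared in
    constant time; the login result stays server-side and only an
    acknowledgement is returned."""
    src = ipaddress.ip_address(remote_ip)
    if not any(src in ipaddress.ip_network(n) for n in allowed_networks):
        return {"success": False, "error": "source not allowed"}
    supplied = post.get("callback_key", "")
    if not hmac.compare_digest(supplied.encode(), shared_secret.encode()):
        return {"success": False, "error": "bad callback key"}
    result = _medex_login(supplied)
    # Persist result["MedEx"] server-side here (e.g. in the application's own
    # configuration store); the response deliberately carries no token material.
    return {"success": bool(result.get("success"))}
```

The point of the contrast is that the fix is not only "turn authentication back on": even an authenticated caller should receive an acknowledgement, not the tokens themselves.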

Business impact

This vulnerability carries a CVSS score of 10. The exposure of API tokens allows for complete third-party service compromise, unauthorized actions on the MedEx platform, and the exfiltration of Protected Health Information (PHI). This constitutes a major security failure and a direct violation of HIPAA regulations.

Remediation

Immediate Action: Upgrade OpenEMR to version 8.0.0. Following the upgrade, revoke and rotate all MedEx API tokens so that any previously leaked tokens are invalidated.

Proactive Monitoring: Review access logs for the MedEx callback endpoint for unauthorized POST requests and monitor MedEx platform logs for suspicious activity.

Compensating Controls: Implement IP whitelisting for the MedEx callback endpoint so that only legitimate MedEx servers can communicate with the application.
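The log review and the IP allow-list above can be put into practice with the following added Python example (not part of the advisory or of OpenEMR). It parses web-server access log lines in the common "combined" format, flags POST requests to the callback endpoint from sources outside the networks MedEx is expected to use, and renders the matching Apache 2.4 `Require ip` restriction for the endpoint. `CALLBACK_PATH` is a placeholder to be replaced with the deployment's real path, the allow-listed network is illustrative, and the log lines are constructed samples.

```python
import ipaddress
import re
from typing import Iterable, List, Optional

# PLACEHOLDER: substitute the actual MedEx callback endpoint path of the deployment.
CALLBACK_PATH = "/path/to/medex/callback.php"

# Apache/Nginx "combined" access log format.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) (?P<size>\S+)'
)

def parse_line(line: str) -> Optional[dict]:
    """Return the parsed fields of one access log line, or None if it does not parse."""
    m = LOG_RE.match(line)
    return m.groupdict() if m else None

def find_suspicious_callbacks(lines: Iterable[str], allowed_networks: Iterable[str]) -> List[dict]:
    """POST requests to the callback endpoint whose source IP is outside the allow-list."""
    nets = [ipaddress.ip_network(n) for n in allowed_networks]
    findings = []
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            continue
        if rec["method"] != "POST":
            continue
        if rec["path"].split("?", 1)[0] != CALLBACK_PATH:   # ignore any query string
            continue
        src = ipaddress.ip_address(rec["ip"])
        if any(src in n for n in nets):
            continue
        findings.append(rec)
    return findings

def apache_allowlist_config(path: str, allowed_networks: Iterable[str]) -> str:
    """Apache 2.4 <Location> block restricting the endpoint to the allow-listed networks."""
    rules = "\n".join(f"    Require ip {n}" for n in allowed_networks)
    return f'<Location "{path}">\n{rules}\n</Location>'

# Constructed sample log lines: one legitimate callback, one callback from an
# unexpected source, and one unrelated request.
SAMPLE_LOG = [
    '203.0.113.10 - - [10/Jan/2026:10:01:02 +0000] "POST /path/to/medex/callback.php HTTP/1.1" 200 512 "-" "MedEx/1.0"',
    '198.51.100.77 - - [10/Jan/2026:10:05:44 +0000] "POST /path/to/medex/callback.php HTTP/1.1" 200 512 "-" "curl/8.0"',
    '198.51.100.77 - - [10/Jan/2026:10:05:50 +0000] "GET /index.php HTTP/1.1" 200 3421 "-" "curl/8.0"',
]

if __name__ == "__main__":
    expected_sources = ["203.0.113.0/24"]   # illustrative MedEx source network
    for hit in find_suspicious_callbacks(SAMPLE_LOG, expected_sources):
        print(f"{hit['ts']} callback POST from unexpected source {hit['ip']} (status {hit['status']})")
    print(apache_allowlist_config(CALLBACK_PATH, expected_sources))
```

Every flagged line from before the upgrade should be treated as a possible token disclosure, which is the reason the remediation pairs the upgrade with token rotation rather than relying on either alone.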

Exploitation status

Public Exploit Available: No

Analyst recommendation

This is a critical security flaw with severe legal and financial implications. We strongly urge immediate patching and token rotation to protect patient data and maintain regulatory compliance.