CVE-2018-19276
OpenMRS before 2.24.0 is affected by an Insecure Object Deserialization vulnerability that allows an unauthenticated user to execute arbitrary commands on the targeted system via crafted XML data in a request body.
Date published : 2019-03-17
https://talk.openmrs.org/t/critical-security-advisory-cve-2018-19276-2019-02-04/21607