Open-Emr: >> Openemr >> 4.1.2.3 Security Vulnerabilities
Cross-site Scripting (XSS) - Generic in GitHub repository openemr/openemr prior to 7.0.1.
CVSS Score
8.3
EPSS Score
0.844
Published
2023-05-28
Improper Access Control in GitHub repository openemr/openemr prior to 7.0.1.
CVSS Score
6.3
EPSS Score
0.001
Published
2023-05-27
Cross-site Scripting (XSS) - Stored in GitHub repository openemr/openemr prior to 7.0.1.
CVSS Score
4.7
EPSS Score
0.225
Published
2023-05-27
Code Injection in GitHub repository openemr/openemr prior to 7.0.1.
CVSS Score
4.6
EPSS Score
0.001
Published
2023-05-27
Improper Access Control in GitHub repository openemr/openemr prior to 7.0.1.
CVSS Score
6.3
EPSS Score
0.001
Published
2023-05-27
Missing Authorization in GitHub repository openemr/openemr prior to 7.0.1.
CVSS Score
4.3
EPSS Score
0.003
Published
2023-05-27
Improper Input Validation in GitHub repository openemr/openemr prior to 7.0.1.
CVSS Score
8.1
EPSS Score
0.005
Published
2023-05-27
Improper Access Control in GitHub repository openemr/openemr prior to 7.0.1.
CVSS Score
8.8
EPSS Score
0.003
Published
2023-05-12
Cross-site Scripting (XSS) - Stored in GitHub repository openemr/openemr prior to 7.0.1.
CVSS Score
7.5
EPSS Score
0.02
Published
2023-05-08
A Reflected Cross-site scripting (XSS) vulnerability in interface/forms/eye_mag/php/eye_mag_functions.php in OpenEMR < 7.0.0 allows remote authenticated users to inject arbitrary web script or HTML via the REQUEST_URI.
CVSS Score
5.4
EPSS Score
0.003
Published
2023-02-22