Product:

Openemr

(Open\-Emr)
Repositories https://github.com/openemr/openemr
#Vulnerabilities 128
Date Id Summary Products Score Patch Annotated
2022-12-19 CVE-2022-4615 Cross-site Scripting (XSS) - Reflected in GitHub repository openemr/openemr prior to 7.0.0.2. Openemr 6.1
2022-12-17 CVE-2022-4567 Improper Access Control in GitHub repository openemr/openemr prior to 7.0.0.2. Openemr 8.1
2022-12-15 CVE-2022-4502 Cross-site Scripting (XSS) - Reflected in GitHub repository openemr/openemr prior to 7.0.0.2. Openemr 6.1
2022-12-15 CVE-2022-4503 Cross-site Scripting (XSS) - Generic in GitHub repository openemr/openemr prior to 7.0.0.2. Openemr 6.1
2022-12-15 CVE-2022-4504 Improper Input Validation in GitHub repository openemr/openemr prior to 7.0.0.2. Openemr 7.5
2021-01-28 CVE-2020-13569 A cross-site request forgery vulnerability exists in the GACL functionality of OpenEMR 5.0.2 and development version 6.0.0 (commit babec93f600ff1394f91ccd512bcad85832eb6ce). A specially crafted HTTP request can lead to the execution of arbitrary requests in the context of the victim. An attacker can send an HTTP request to trigger this vulnerability. Openemr 8.8
2021-02-10 CVE-2020-13565 An open redirect vulnerability exists in the return_page redirection functionality of phpGACL 3.3.7, OpenEMR 5.0.2 and OpenEMR development version 6.0.0 (commit babec93f600ff1394f91ccd512bcad85832eb6ce). A specially crafted HTTP request can redirect users to an arbitrary URL. An attacker can provide a crafted URL to trigger this vulnerability. Openemr, Phpgacl 6.1
2022-08-09 CVE-2022-2729 Cross-site Scripting (XSS) - DOM in GitHub repository openemr/openemr prior to 7.0.0.1. Openemr 5.4
2022-08-09 CVE-2022-2730 Authorization Bypass Through User-Controlled Key in GitHub repository openemr/openemr prior to 7.0.0.1. Openemr 6.5
2022-08-09 CVE-2022-2731 Cross-site Scripting (XSS) - Reflected in GitHub repository openemr/openemr prior to 7.0.0.1. Openemr 6.1