OpenEMR
CVE Severity Distribution (All Time)
Timeline Overview
Recent CVEs
View allA stored cross-site scripting (XSS) vulnerability exists in openemr/openemr version 7.0.1. An attacker can inject malicious payloads into the 'inputB…
An issue in OpenEMR 7.0.2 allows a remote attacker to escalate privileges viaa crafted POST request using the noteid parameter.
Cross-site Scripting (XSS) - Generic in GitHub repository openemr/openemr prior to 7.0.1.
Improper Authorization in GitHub repository openemr/openemr prior to 7.0.1.
Cross-site Scripting (XSS) - Reflected in GitHub repository openemr/openemr prior to 7.0.1.
Improper Access Control in GitHub repository openemr/openemr prior to 7.0.1.
Cross-site Scripting (XSS) - Stored in GitHub repository openemr/openemr prior to 7.0.1.
Missing Authorization in GitHub repository openemr/openemr prior to 7.0.1.
Improper Input Validation in GitHub repository openemr/openemr prior to 7.0.1.
Code Injection in GitHub repository openemr/openemr prior to 7.0.1.