Openemr@6.0.0 Security Vulnerabilities and Issues — Openemr@6.0.0 CVE List

Lucene search

Open-emrOpenemr6.0.0

4 matches found

CVE•added 2022/03/23 10:15 p.m.•76 views

CVE-2022-25041

OpenEMR v6.0.0 was discovered to contain an incorrect access control issue.

4.3CVSS4.8AI score0.00369EPSS

CVE•added 2022/03/25 9:15 p.m.•70 views

CVE-2022-24643

A stored cross-site scripting (XSS) issue was discovered in the OpenEMR Hospital Information Management System version 6.0.0.

5.4CVSS5.2AI score0.01559EPSS

CVE•added 2022/03/03 12:15 a.m.•56 views

CVE-2022-25471

An Insecure Direct Object Reference (IDOR) vulnerability in OpenEMR 6.0.0 allows any authenticated attacker to access and modify unauthorized areas via a crafted POST request to /modules/zend_modules/public/Installer/register.

8.1CVSS7.7AI score0.01304EPSS

CVE•added 2022/04/18 5:15 p.m.•47 views

CVE-2020-13567

Multiple SQL injection vulnerabilities exist in phpGACL 3.3.7. A specially crafted HTTP request can lead to a SQL injection. An attacker can send an HTTP request to trigger this vulnerability.

9.8CVSS9.9AI score0.00054EPSS