Openemr Security Vulnerabilities and Issues — Openemr CVE List

Lucene search

Open-emrOpenemr

8 matches found

CVE•added 2022/03/30 11:15 a.m.•81 views

CVE-2022-1177

Accounting User Can Download Patient Reports in openemr in GitHub repository openemr/openemr prior to 6.1.0.

6.5CVSS4.8AI score0.03305EPSS

CVE•added 2022/03/23 10:15 p.m.•76 views

CVE-2022-25041

OpenEMR v6.0.0 was discovered to contain an incorrect access control issue.

4.3CVSS4.8AI score0.00369EPSS

CVE•added 2022/03/30 12:15 p.m.•72 views

CVE-2022-1181

Stored Cross Site Scripting in GitHub repository openemr/openemr prior to 6.0.0.2.

8CVSS5.6AI score0.28185EPSS

CVE•added 2022/03/25 9:15 p.m.•70 views

CVE-2022-24643

A stored cross-site scripting (XSS) issue was discovered in the OpenEMR Hospital Information Management System version 6.0.0.

5.4CVSS5.2AI score0.01559EPSS

CVE•added 2022/03/30 12:15 p.m.•68 views

CVE-2022-1179

Non-Privilege User Can Created New Rule and Lead to Stored Cross Site Scripting in GitHub repository openemr/openemr prior to 6.0.0.4.

5.4CVSS4.8AI score0.50874EPSS

CVE•added 2022/03/30 12:15 p.m.•68 views

CVE-2022-1180

Reflected Cross Site Scripting in GitHub repository openemr/openemr prior to 6.0.0.4.

4.6CVSS3.8AI score0.18525EPSS

CVE•added 2022/03/30 12:15 p.m.•61 views

CVE-2022-1178

Stored Cross Site Scripting in GitHub repository openemr/openemr prior to 6.0.0.4.

7.3CVSS5.5AI score0.24476EPSS

CVE•added 2022/03/03 12:15 a.m.•56 views

CVE-2022-25471

An Insecure Direct Object Reference (IDOR) vulnerability in OpenEMR 6.0.0 allows any authenticated attacker to access and modify unauthorized areas via a crafted POST request to /modules/zend_modules/public/Installer/register.

8.1CVSS7.7AI score0.01304EPSS