Openemr Security Vulnerabilities and Issues — Openemr CVE List

Lucene search

Open-emrOpenemr

3 matches found

CVE•added 2024/02/28 10:15 p.m.•86 views

CVE-2024-26476

An issue in open-emr before v.7.0.2 allows a remote attacker to escalate privileges via a crafted script to the formid parameter in the ereq_form.php component.

3.5CVSS6.9AI score0.00045EPSS

CVE•added 2024/11/15 11:15 a.m.•39 views

CVE-2024-0875

A stored cross-site scripting (XSS) vulnerability exists in openemr/openemr version 7.0.1. An attacker can inject malicious payloads into the 'inputBody' field in the Secure Messaging feature, which can then be sent to other users. When the recipient views the malicious message, the payload is exec...

8.1CVSS5.6AI score0.0138EPSS

CVE•added 2024/06/26 10:15 p.m.•36 views

CVE-2024-37734

An issue in OpenEMR 7.0.2 allows a remote attacker to escalate privileges viaa crafted POST request using the noteid parameter.

9.8CVSS7.1AI score0.03509EPSS