Opencrx Security Vulnerabilities and Issues — Opencrx CVE List

Lucene search

OpencrxOpencrx

10 matches found

CVE•added 2023/11/18 4:15 a.m.•51 views

CVE-2023-40817

OpenCRX version 5.2.0 is vulnerable to HTML injection via the Product Configuration Name Field.

6.1CVSS6.3AI score0.00098EPSS

CVE•added 2021/09/29 2:15 p.m.•50 views

CVE-2021-25959

In OpenCRX, versions v4.0.0 through v5.1.0 are vulnerable to reflected Cross-site Scripting (XSS), due to unsanitized parameters in the password reset functionality. This allows execution of external javascript files on any user of the openCRX instance.

6.1CVSS6.3AI score0.00396EPSS

CVE•added 2023/11/18 4:15 a.m.•40 views

CVE-2023-40815

OpenCRX version 5.2.0 is vulnerable to HTML injection via the Category Creation Name Field.

6.1CVSS6.3AI score0.00098EPSS

CVE•added 2023/11/18 4:15 a.m.•37 views

CVE-2023-40812

OpenCRX version 5.2.0 is vulnerable to HTML injection via the Accounts Group Name Field.

6.1CVSS6.3AI score0.00098EPSS

CVE•added 2023/11/18 4:15 a.m.•37 views

CVE-2023-40813

OpenCRX version 5.2.0 is vulnerable to HTML injection via Activity Saved Search Creation.

6.1CVSS6.3AI score0.00098EPSS

CVE•added 2023/11/18 4:15 a.m.•36 views

CVE-2023-40814

OpenCRX version 5.2.0 is vulnerable to HTML injection via the Accounts Name Field.

6.1CVSS6.3AI score0.00098EPSS

CVE•added 2023/11/18 4:15 a.m.•34 views

CVE-2023-40809

OpenCRX version 5.2.0 is vulnerable to HTML injection via the Activity Search Criteria-Activity Number.

6.1CVSS6.3AI score0.00071EPSS

CVE•added 2023/11/18 4:15 a.m.•33 views

CVE-2023-40810

OpenCRX version 5.2.0 is vulnerable to HTML injection via Product Name Field.

6.1CVSS6.3AI score0.00098EPSS

CVE•added 2023/11/18 4:15 a.m.•31 views

CVE-2023-40816

OpenCRX version 5.2.0 is vulnerable to HTML injection via Activity Milestone Name Field.

6.1CVSS6.3AI score0.00098EPSS

CVE•added 2024/02/29 1:38 a.m.•16 views

CVE-2023-27151

openCRX 5.2.0 was discovered to contain an HTML injection vulnerability for Search Criteria-Activity Number (in the Saved Search Activity) via the Name, Description, or Activity Number field.

6.1CVSS7.4AI score0.00378EPSS