Vulnerabilities > Cliniccases > Cliniccases
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-09-07 | CVE-2021-38704 | Cross-site Scripting vulnerability in Cliniccases 7.3.3 Multiple reflected cross-site scripting (XSS) vulnerabilities in ClinicCases 7.3.3 allow unauthenticated attackers to introduce arbitrary JavaScript by crafting a malicious URL. | 4.3 |
| 2021-09-07 | CVE-2021-38705 | Cross-Site Request Forgery (CSRF) vulnerability in Cliniccases 7.3.3 ClinicCases 7.3.3 is affected by Cross-Site Request Forgery (CSRF). | 6.8 |
| 2021-09-07 | CVE-2021-38706 | SQL Injection vulnerability in Cliniccases 7.3.3 messages_load.php in ClinicCases 7.3.3 suffers from a blind SQL injection vulnerability, which allows low-privileged attackers to execute arbitrary SQL commands through a vulnerable parameter. | 6.5 |
| 2021-09-07 | CVE-2021-38707 | Cross-site Scripting vulnerability in Cliniccases 7.3.3 Persistent cross-site scripting (XSS) vulnerabilities in ClinicCases 7.3.3 allow low-privileged attackers to introduce arbitrary JavaScript to account parameters. | 3.5 |