Vulnerabilities > Cliniccases > Cliniccases

DATE CVE VULNERABILITY TITLE RISK
2021-09-07 CVE-2021-38707 Cross-site Scripting vulnerability in Cliniccases 7.3.3
Persistent cross-site scripting (XSS) vulnerabilities in ClinicCases 7.3.3 allow low-privileged attackers to introduce arbitrary JavaScript to account parameters.
3.5
2021-09-07 CVE-2021-38706 SQL Injection vulnerability in Cliniccases 7.3.3
messages_load.php in ClinicCases 7.3.3 suffers from a blind SQL injection vulnerability, which allows low-privileged attackers to execute arbitrary SQL commands through a vulnerable parameter.
network
low complexity
cliniccases CWE-89
6.5
2021-09-07 CVE-2021-38705 Cross-Site Request Forgery (CSRF) vulnerability in Cliniccases 7.3.3
ClinicCases 7.3.3 is affected by Cross-Site Request Forgery (CSRF).
6.8
2021-09-07 CVE-2021-38704 Cross-site Scripting vulnerability in Cliniccases 7.3.3
Multiple reflected cross-site scripting (XSS) vulnerabilities in ClinicCases 7.3.3 allow unauthenticated attackers to introduce arbitrary JavaScript by crafting a malicious URL.
4.3