Vulnerabilities > Open EMR > Openemr > Medium

DATE CVE VULNERABILITY TITLE RISK
2017-11-17 CVE-2017-1000240 Cross-site Scripting vulnerability in Open-Emr Openemr
The application OpenEMR is affected by multiple reflected & stored Cross-Site Scripting (XSS) vulnerabilities affecting version 5.0.0 and prior versions.
network
low complexity
open-emr CWE-79
5.4
5.4
2017-03-02 CVE-2017-6394 Cross-site Scripting vulnerability in Open-Emr Openemr 5.0.1
Multiple Cross-Site Scripting (XSS) issues were discovered in OpenEMR 5.0.0 and 5.0.1-dev.
network
low complexity
open-emr CWE-79
6.1
6.1