Vulnerabilities > Open EMR > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-11-15 | CVE-2024-0875 | Unspecified vulnerability in Open-Emr Openemr 7.0.1 A stored cross-site scripting (XSS) vulnerability exists in openemr/openemr version 7.0.1. | 4.8 |
| 2023-05-28 | CVE-2023-2948 | Cross-site Scripting vulnerability in Open-Emr Openemr Cross-site Scripting (XSS) - Generic in GitHub repository openemr/openemr prior to 7.0.1. | 6.1 |
| 2023-05-28 | CVE-2023-2949 | Unspecified vulnerability in Open-Emr Openemr Cross-site Scripting (XSS) - Reflected in GitHub repository openemr/openemr prior to 7.0.1. | 6.1 |
| 2023-05-27 | CVE-2023-2947 | Unspecified vulnerability in Open-Emr Openemr Cross-site Scripting (XSS) - Stored in GitHub repository openemr/openemr prior to 7.0.1. | 4.8 |
| 2023-05-27 | CVE-2023-2944 | Unspecified vulnerability in Open-Emr Openemr Improper Access Control in GitHub repository openemr/openemr prior to 7.0.1. | 5.4 |
| 2023-05-27 | CVE-2023-2945 | Unspecified vulnerability in Open-Emr Openemr Missing Authorization in GitHub repository openemr/openemr prior to 7.0.1. | 5.4 |
| 2023-05-12 | CVE-2023-2674 | Unspecified vulnerability in Open-Emr Openemr Improper Access Control in GitHub repository openemr/openemr prior to 7.0.1. | 4.3 |
| 2023-05-08 | CVE-2023-2566 | Unspecified vulnerability in Open-Emr Openemr Cross-site Scripting (XSS) - Stored in GitHub repository openemr/openemr prior to 7.0.1. | 4.8 |
| 2023-02-22 | CVE-2023-22972 | Cross-site Scripting vulnerability in Open-Emr Openemr A Reflected Cross-site scripting (XSS) vulnerability in interface/forms/eye_mag/php/eye_mag_functions.php in OpenEMR < 7.0.0 allows remote authenticated users to inject arbitrary web script or HTML via the REQUEST_URI. | 5.4 |
| 2022-12-27 | CVE-2022-4733 | Unspecified vulnerability in Open-Emr Openemr Cross-site Scripting (XSS) - Stored in GitHub repository openemr/openemr prior to 7.0.0.2. | 4.8 |