Vulnerabilities > Open EMR > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-05-12 | CVE-2023-2674 | Unspecified vulnerability in Open-Emr Openemr Improper Access Control in GitHub repository openemr/openemr prior to 7.0.1. | 4.3 |
| 2023-05-08 | CVE-2023-2566 | Unspecified vulnerability in Open-Emr Openemr Cross-site Scripting (XSS) - Stored in GitHub repository openemr/openemr prior to 7.0.1. | 4.8 |
| 2023-02-22 | CVE-2023-22972 | Cross-site Scripting vulnerability in Open-Emr Openemr A Reflected Cross-site scripting (XSS) vulnerability in interface/forms/eye_mag/php/eye_mag_functions.php in OpenEMR < 7.0.0 allows remote authenticated users to inject arbitrary web script or HTML via the REQUEST_URI. | 5.4 |
| 2022-12-27 | CVE-2022-4733 | Unspecified vulnerability in Open-Emr Openemr Cross-site Scripting (XSS) - Stored in GitHub repository openemr/openemr prior to 7.0.0.2. | 4.8 |
| 2022-12-19 | CVE-2022-4615 | Unspecified vulnerability in Open-Emr Openemr Cross-site Scripting (XSS) - Reflected in GitHub repository openemr/openemr prior to 7.0.0.2. | 6.1 |
| 2022-12-15 | CVE-2022-4502 | Unspecified vulnerability in Open-Emr Openemr Cross-site Scripting (XSS) - Reflected in GitHub repository openemr/openemr prior to 7.0.0.2. | 6.1 |
| 2022-12-15 | CVE-2022-4503 | Unspecified vulnerability in Open-Emr Openemr Cross-site Scripting (XSS) - Generic in GitHub repository openemr/openemr prior to 7.0.0.2. | 6.1 |
| 2022-12-15 | CVE-2022-4505 | Unspecified vulnerability in Open-Emr Openemr Authorization Bypass Through User-Controlled Key in GitHub repository openemr/openemr prior to 7.0.0.2. | 4.3 |
| 2022-08-15 | CVE-2022-2824 | Unspecified vulnerability in Open-Emr Openemr Authorization Bypass Through User-Controlled Key in GitHub repository openemr/openemr prior to 7.0.0.1. | 5.4 |
| 2022-08-09 | CVE-2022-2734 | Unspecified vulnerability in Open-Emr Openemr Improper Restriction of Rendered UI Layers or Frames in GitHub repository openemr/openemr prior to 7.0.0.1. | 5.4 |