Vulnerabilities > Openclinic GA Project > Openclinic GA > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-07-29 | CVE-2020-14492 | Cross-site Scripting vulnerability in Openclinic GA Project Openclinic GA 5.09.02/5.89.05B OpenClinic GA 5.09.02 and 5.89.05b does not properly neutralize user-controllable input, which may allow the execution of malicious code within the user’s browser. | 6.1 |
| 2020-07-20 | CVE-2020-14491 | Missing Authorization vulnerability in Openclinic GA Project Openclinic GA 5.09.02/5.89.05B OpenClinic GA versions 5.09.02 and 5.89.05b do not properly check permissions before executing SQL queries, which may allow a low-privilege user to access privileged information. | 6.5 |