Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2020-12-03	CVE-2020-28938	Cross-site Scripting vulnerability in Openclinic Project Openclinic 0.8.2 OpenClinic version 0.8.2 is affected by a stored XSS vulnerability in lib/Check.php that allows users of the application to force actions on behalf of other users. network low complexity openclinic-project CWE-79	5.4

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.