Vulnerabilities > Opencrx

DATE	CVE	VULNERABILITY TITLE	RISK
2022-10-20	CVE-2022-40084	Information Exposure Through Discrepancy vulnerability in Opencrx OpenCRX before v5.2.2 was discovered to be vulnerable to password enumeration due to the difference in error messages received during a password reset which could enable an attacker to determine if a username, email or ID is valid. network low complexity opencrx CWE-203	5.3
2021-09-29	CVE-2021-25959	Cross-site Scripting vulnerability in Opencrx In OpenCRX, versions v4.0.0 through v5.1.0 are vulnerable to reflected Cross-site Scripting (XSS), due to unsanitized parameters in the password reset functionality. network low complexity opencrx CWE-79	6.1
2020-11-24	CVE-2020-7378	Improper Authentication vulnerability in Opencrx CRIXP OpenCRX version 4.30 and 5.0-20200717 and prior suffers from an unverified password change vulnerability. network low complexity opencrx CWE-287 critical	9.1

Vulnerabilities > Opencrx {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Opencrx"}]}