Vulnerabilities > Opencrx > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-30 | CVE-2023-46502 | XXE vulnerability in Opencrx 5.2.2 An issue in openCRX v.5.2.2 allows a remote attacker to read internal files and execute server side request forgery attack via insecure DocumentBuilderFactory. | 9.8 |
| 2020-11-24 | CVE-2020-7378 | Improper Authentication vulnerability in Opencrx CRIXP OpenCRX version 4.30 and 5.0-20200717 and prior suffers from an unverified password change vulnerability. | 9.1 |