Vulnerabilities > Openmrs

DATE CVE VULNERABILITY TITLE RISK
2022-12-27 CVE-2020-36635 Cross-site Scripting vulnerability in Openmrs Appointment Scheduling Module
A vulnerability was found in OpenMRS Appointment Scheduling Module up to 1.12.x.
network
low complexity
openmrs CWE-79
5.4
2022-12-27 CVE-2020-36636 Cross-site Scripting vulnerability in Openmrs Admin UI Module
A vulnerability classified as problematic has been found in OpenMRS Admin UI Module up to 1.4.x.
network
low complexity
openmrs CWE-79
6.1
2022-12-27 CVE-2021-4291 Cross-site Scripting vulnerability in Openmrs Admin UI Module 1.5.0
A vulnerability was found in OpenMRS Admin UI Module up to 1.5.x.
network
low complexity
openmrs CWE-79
6.1
2022-12-27 CVE-2021-4292 Cross-site Scripting vulnerability in Openmrs Admin UI Module
A vulnerability was found in OpenMRS Admin UI Module up to 1.4.x.
network
low complexity
openmrs CWE-79
6.1
2022-12-27 CVE-2022-4727 Cross-site Scripting vulnerability in Openmrs Appointment Scheduling Module
A vulnerability, which was classified as problematic, was found in OpenMRS Appointment Scheduling Module up to 1.16.x.
network
low complexity
openmrs CWE-79
6.1
2022-12-27 CVE-2021-4288 Cross-site Scripting vulnerability in Openmrs Reference Application
A vulnerability was found in OpenMRS openmrs-module-referenceapplication up to 2.11.x.
network
low complexity
openmrs CWE-79
6.1
2022-12-27 CVE-2021-4289 Cross-site Scripting vulnerability in Openmrs Reference Application
A vulnerability classified as problematic was found in OpenMRS openmrs-module-referenceapplication up to 2.11.x.
network
low complexity
openmrs CWE-79
6.1
2022-12-27 CVE-2021-4284 Cross-site Scripting vulnerability in Openmrs Htmlformentryui
A vulnerability classified as problematic has been found in OpenMRS HTML Form Entry UI Framework Integration Module up to 1.x.
network
low complexity
openmrs CWE-79
6.1
2022-05-10 CVE-2021-43094 SQL Injection vulnerability in Openmrs
An SQL Injection vulnerability exists in OpenMRS Reference Application Standalone Edition <=2.11 and Platform Standalone Edition <=2.4.0 via GET requests on arbitrary parameters in patient.page.
network
low complexity
openmrs CWE-89
critical
9.8
2022-02-22 CVE-2022-23612 Path Traversal vulnerability in Openmrs
OpenMRS is a patient-based medical record system focusing on giving providers a free customizable electronic medical record system.
network
low complexity
openmrs CWE-22
7.5