Vulnerabilities > Openmrs > Reference Application
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-12-27 | CVE-2021-4288 | Cross-site Scripting vulnerability in Openmrs Reference Application A vulnerability was found in OpenMRS openmrs-module-referenceapplication up to 2.11.x. | 6.1 |
| 2022-12-27 | CVE-2021-4289 | Cross-site Scripting vulnerability in Openmrs Reference Application A vulnerability classified as problematic was found in OpenMRS openmrs-module-referenceapplication up to 2.11.x. | 6.1 |
| 2022-05-10 | CVE-2021-43094 | SQL Injection vulnerability in Openmrs and Reference Application An SQL Injection vulnerability exists in OpenMRS Reference Application Standalone Edition <=2.11 and Platform Standalone Edition <=2.4.0 via GET requests on arbitrary parameters in patient.page. | 7.5 |
| 2018-09-05 | CVE-2018-16521 | XXE vulnerability in Openmrs Html Form Entry and Reference Application An XML External Entity (XXE) vulnerability exists in HTML Form Entry 3.7.0, as distributed in OpenMRS Reference Application 2.8.0. | 7.5 |