Vulnerabilities > Openmrs > Reference Application > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-05-10 | CVE-2021-43094 | SQL Injection vulnerability in Openmrs An SQL Injection vulnerability exists in OpenMRS Reference Application Standalone Edition <=2.11 and Platform Standalone Edition <=2.4.0 via GET requests on arbitrary parameters in patient.page. | 9.8 |
| 2018-09-05 | CVE-2018-16521 | XXE vulnerability in Openmrs Html Form Entry and Reference Application An XML External Entity (XXE) vulnerability exists in HTML Form Entry 3.7.0, as distributed in OpenMRS Reference Application 2.8.0. | 9.8 |