Vulnerabilities > Openmrs > High

DATE CVE VULNERABILITY TITLE RISK
2022-05-10 CVE-2021-43094 SQL Injection vulnerability in Openmrs and Reference Application
An SQL Injection vulnerability exists in OpenMRS Reference Application Standalone Edition <=2.11 and Platform Standalone Edition <=2.4.0 via GET requests on arbitrary parameters in patient.page.
network
low complexity
openmrs CWE-89
7.5
7.5
2019-05-10 CVE-2017-12795 Improper Input Validation vulnerability in Openmrs Openmrs-Module-Htmlformentry 3.3.2
OpenMRS openmrs-module-htmlformentry 3.3.2 is affected by: (Improper Input Validation).
network
low complexity
openmrs CWE-20
7.5
7.5
2018-09-05 CVE-2018-16521 XXE vulnerability in Openmrs Html Form Entry and Reference Application
An XML External Entity (XXE) vulnerability exists in HTML Form Entry 3.7.0, as distributed in OpenMRS Reference Application 2.8.0.
network
low complexity
openmrs CWE-611
7.5
7.5