by Manuel Ginés | Jan 31, 2023
OpenEMR – Broken Access Controls in Patient’s Document Section (CVE-2022-4567) 14/Dec/2022 Vendor: URL: Affected Versions: Author: CWE Category: CVE Identifier: CVSS Vector: Severity: OpenEMR https://www.open-emr.org/ <= 7.0.0 patch1 Manuel Ginés...
by Manuel Ginés | Jan 31, 2023
OpenEMR – File Upload Content-Type Validation Error (CVE-2022-4506) 14/Dec/2022 Vendor: URL: Affected Versions: Author: CWE Category: CVE Identifier: CVSS Vector: Severity: OpenEMR https://www.open-emr.org/ <= 7.0.0 patch1 Manuel Ginés Rodríguez CWE-434...
by Manuel Ginés | Jan 31, 2023
OpenEMR – Reflected Cross-Site Scripting in Payments Module (CVE-2022-4503) 14/Dec/2022 Vendor: URL: Affected Versions: Author: CWE Category: CVE Identifier: CVSS Vector: Severity: OpenEMR https://www.open-emr.org/ <= 7.0.0 patch1 Manuel Ginés Rodríguez...
by Manuel Ginés | Jan 31, 2023
OpenEMR – Improper Name Validation in Document Uploads (CVE-2022-4505) 14/Dec/2022 Vendor: URL: Affected Versions: Author: CWE Category: CVE Identifier: CVSS Vector: Severity: OpenEMR https://www.open-emr.org/ <= 7.0.0 patch1 Manuel Ginés Rodríguez CWE-20...
by Manuel Ginés | Dec 5, 2022
OpenEMR – Multiple Reflected Cross-Site Scripting in Messages Module (CVE-2022-4502) 14/Dec/2022 Vendor: URL: Affected Versions: Author: CWE Category: CVE Identifier: CVSS Vector: Severity: OpenEMR https://www.open-emr.org/ <= 7.0.0 patch1 Manuel Ginés...