CVSS: 8.3EPSS: 0%CPEs: 1EXPL: 1CVE-2022-4615 – Cross-site Scripting (XSS) - Reflected in openemr/openemr
https://notcve.org/view.php?id=CVE-2022-4615
Cross-site Scripting (XSS) - Reflected in GitHub repository openemr/openemr prior to 7.0.0.2. Cross-Site Scripting (XSS) Reflejado en el repositorio de GitHub openemr/openemr anterior a 7.0.0.2. • https://github.com/openemr/openemr/commit/d5eb41697f7f1bc2c7ee5bc9bbf58684e1c8cc14 https://huntr.dev/bounties/9c66ece4-bcaa-417d-8b98-e8daff8a728b • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 1CVE-2022-4567 – Improper Access Control in openemr/openemr
https://notcve.org/view.php?id=CVE-2022-4567
Improper Access Control in GitHub repository openemr/openemr prior to 7.0.0.2. Control de acceso inadecuado en el repositorio de GitHub openemr/openemr anterior a 7.0.0.2. • https://github.com/openemr/openemr/commit/953cb84dfd55fee9d5296668ec7fdb8bf25bcea4 https://huntr.dev/bounties/1ac677c4-ec0a-4788-9465-51d9b6bd8fd2 • CWE-284: Improper Access Control •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-4505 – Authorization Bypass Through User-Controlled Key in openemr/openemr
https://notcve.org/view.php?id=CVE-2022-4505
Authorization Bypass Through User-Controlled Key in GitHub repository openemr/openemr prior to 7.0.0.2. Omisión de autorización a través de una clave controlada por el usuario en el repositorio de GitHub openemr/openemr anterior a 7.0.0.2. • https://github.com/openemr/openemr/commit/235b1910ffe5296187667277d4e197a0c3a9ac33 https://huntr.dev/bounties/e36ca754-bb9f-4686-ad72-7fb849e97d92 • CWE-639: Authorization Bypass Through User-Controlled Key •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 1CVE-2022-4503 – Cross-site Scripting (XSS) - Generic in openemr/openemr
https://notcve.org/view.php?id=CVE-2022-4503
Cross-site Scripting (XSS) - Generic in GitHub repository openemr/openemr prior to 7.0.0.2. Cross-Site Scripting (XSS): genérico en el repositorio de GitHub openemr/openemr anterior a 7.0.0.2. • https://github.com/openemr/openemr/commit/37d7ed4855763fc588485f05b2e9cc0944f71879 https://huntr.dev/bounties/4cba644c-a2f5-4ed7-af5d-f2cab1895e13 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-4506 – Unrestricted Upload of File with Dangerous Type in openemr/openemr
https://notcve.org/view.php?id=CVE-2022-4506
Unrestricted Upload of File with Dangerous Type in GitHub repository openemr/openemr prior to 7.0.0.2. Carga sin restricciones de archivos con tipo peligroso en el repositorio de GitHub openemr/openemr anterior a 7.0.0.2. • https://github.com/openemr/openemr/commit/2e7678d812df167ea3c0756382408b670e8aa51f https://huntr.dev/bounties/f423d193-4ab0-4f03-ad90-25e4f02e7942 https://www.cve.org/CVERecord?id=CVE-2022-4506 • CWE-434: Unrestricted Upload of File with Dangerous Type •