CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-4505 – Authorization Bypass Through User-Controlled Key in openemr/openemr
https://notcve.org/view.php?id=CVE-2022-4505
15 Dec 2022 — Authorization Bypass Through User-Controlled Key in GitHub repository openemr/openemr prior to 7.0.0.2. Omisión de autorización a través de una clave controlada por el usuario en el repositorio de GitHub openemr/openemr anterior a 7.0.0.2. • https://github.com/openemr/openemr/commit/235b1910ffe5296187667277d4e197a0c3a9ac33 • CWE-639: Authorization Bypass Through User-Controlled Key •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-2824 – Authorization Bypass Through User-Controlled Key in openemr/openemr
https://notcve.org/view.php?id=CVE-2022-2824
15 Aug 2022 — Authorization Bypass Through User-Controlled Key in GitHub repository openemr/openemr prior to 7.0.0.1. Un Control de Acceso inapropiado en el repositorio de GitHub openemr/openemr versiones anteriores a 7.0.0.1. • https://github.com/openemr/openemr/commit/c5d99452c173ef21a8e2241e2bbf4b66e2d7fe11 • CWE-639: Authorization Bypass Through User-Controlled Key •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2022-2734 – Improper Restriction of Rendered UI Layers or Frames in openemr/openemr
https://notcve.org/view.php?id=CVE-2022-2734
09 Aug 2022 — Improper Restriction of Rendered UI Layers or Frames in GitHub repository openemr/openemr prior to 7.0.0.1. Una Restricción Inapropiada de Capas o Marcos de Interfaz de Usuario Renderizados en el repositorio de GitHub openemr/openemr versiones anteriores a 7.0.0.1 • https://github.com/openemr/openemr/commit/203243467675e85b8b479c778e44ae1aac8bad55 • CWE-1021: Improper Restriction of Rendered UI Layers or Frames •
CVSS: 8.7EPSS: 0%CPEs: 1EXPL: 1CVE-2022-2732 – Missing Authorization in openemr/openemr
https://notcve.org/view.php?id=CVE-2022-2732
09 Aug 2022 — Missing Authorization in GitHub repository openemr/openemr prior to 7.0.0.1. Una Administración inapropiada de Privilegios en el repositorio de GitHub openemr/openemr versiones anteriores a 7.0.0.1 • https://github.com/openemr/openemr/commit/2973592bc7b1f4996738a6fd27d1e277e33676b6 • CWE-862: Missing Authorization •
CVSS: 9.6EPSS: 88%CPEs: 1EXPL: 1CVE-2022-2733 – Cross-site Scripting (XSS) - Reflected in openemr/openemr
https://notcve.org/view.php?id=CVE-2022-2733
09 Aug 2022 — Cross-site Scripting (XSS) - Reflected in GitHub repository openemr/openemr prior to 7.0.0.1. Una vulnerabilidad de tipo Cross-site Scripting (XSS) - Reflejado en el repositorio de GitHub openemr/openemr versiones anteriores a 7.0.0.1 • https://github.com/openemr/openemr/commit/59458bc15ab0cb556c521de9d5187167d6f88945 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 1CVE-2022-2731 – Cross-site Scripting (XSS) - Reflected in openemr/openemr
https://notcve.org/view.php?id=CVE-2022-2731
09 Aug 2022 — Cross-site Scripting (XSS) - Reflected in GitHub repository openemr/openemr prior to 7.0.0.1. Una vulnerabilidad de tipo Cross-site Scripting (XSS) - Reflejado en el repositorio de GitHub openemr/openemr versiones anteriores a 7.0.0.1 • https://github.com/openemr/openemr/commit/285fb234bd27ea4c46a29f2797edda7f38f1d8db • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.5EPSS: 1%CPEs: 1EXPL: 1CVE-2022-2729 – Cross-site Scripting (XSS) - DOM in openemr/openemr
https://notcve.org/view.php?id=CVE-2022-2729
09 Aug 2022 — Cross-site Scripting (XSS) - DOM in GitHub repository openemr/openemr prior to 7.0.0.1. Una vulnerabilidad de tipo Cross-site Scripting (XSS) - DOM en el repositorio de GitHub openemr/openemr versiones anteriores a 7.0.0.1 • https://github.com/openemr/openemr/commit/74d21039aec641b2c406e3baf238ae4602a968b6 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-2730 – Authorization Bypass Through User-Controlled Key in openemr/openemr
https://notcve.org/view.php?id=CVE-2022-2730
09 Aug 2022 — Authorization Bypass Through User-Controlled Key in GitHub repository openemr/openemr prior to 7.0.0.1. Una Anulación de la Autorización Mediante la Clave Controlada por el Usuario en el repositorio de GitHub openemr/openemr versiones anteriores a 7.0.0.1 • https://github.com/openemr/openemr/commit/2973592bc7b1f4996738a6fd27d1e277e33676b6 • CWE-639: Authorization Bypass Through User-Controlled Key •
CVSS: 6.3EPSS: 2%CPEs: 1EXPL: 1CVE-2022-2494 – Cross-site Scripting (XSS) - Stored in openemr/openemr
https://notcve.org/view.php?id=CVE-2022-2494
22 Jul 2022 — Cross-site Scripting (XSS) - Stored in GitHub repository openemr/openemr prior to 7.0.0. Una vulnerabilidad de tipo Cross-site Scripting (XSS) - Almacenado en el repositorio de GitHub openemr/openemr versiones anteriores a 7.0.0 • https://github.com/openemr/openemr/commit/152e551208e6de534ab194c87e9ffa4d56d294a8 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.5EPSS: 0%CPEs: 1EXPL: 1CVE-2022-2493 – Data Access from Outside Expected Data Manager Component in openemr/openemr
https://notcve.org/view.php?id=CVE-2022-2493
22 Jul 2022 — Data Access from Outside Expected Data Manager Component in GitHub repository openemr/openemr prior to 7.0.0. Un Acceso a Datos desde Fuera del Componente de Administración de Datos Esperado en el repositorio de GitHub openemr/openemr versiones anteriores a 7.0.0 • https://github.com/openemr/openemr/commit/871ae5198d8ca18fd17257ae7c5c906a52dca908 • CWE-1083: Data Access from Outside Expected Data Manager Component •