CVSS: 8.3EPSS: 0%CPEs: 1EXPL: 1CVE-2023-2949 – Cross-site Scripting (XSS) - Reflected in openemr/openemr
https://notcve.org/view.php?id=CVE-2023-2949
28 May 2023 — Cross-site Scripting (XSS) - Reflected in GitHub repository openemr/openemr prior to 7.0.1. • https://github.com/openemr/openemr/commit/af1ecf78d1342519791bda9d3079e88f7d859015 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.3EPSS: 0%CPEs: 1EXPL: 1CVE-2023-2948 – Cross-site Scripting (XSS) - Generic in openemr/openemr
https://notcve.org/view.php?id=CVE-2023-2948
28 May 2023 — Cross-site Scripting (XSS) - Generic in GitHub repository openemr/openemr prior to 7.0.1. • https://github.com/openemr/openemr/commit/af1ecf78d1342519791bda9d3079e88f7d859015 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.5EPSS: 0%CPEs: 1EXPL: 1CVE-2023-2950 – Improper Authorization in openemr/openemr
https://notcve.org/view.php?id=CVE-2023-2950
28 May 2023 — Improper Authorization in GitHub repository openemr/openemr prior to 7.0.1. • https://github.com/openemr/openemr/commit/abee8d2606c706176818de25eb88a2d08b8f7fa4 • CWE-285: Improper Authorization •
CVSS: 8.5EPSS: 0%CPEs: 1EXPL: 1CVE-2023-2946 – Improper Access Control in openemr/openemr
https://notcve.org/view.php?id=CVE-2023-2946
27 May 2023 — Improper Access Control in GitHub repository openemr/openemr prior to 7.0.1. • https://github.com/openemr/openemr/commit/81832acc14207e577e76c4175967c99ae7e3d3f4 • CWE-284: Improper Access Control •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2023-2945 – Missing Authorization in openemr/openemr
https://notcve.org/view.php?id=CVE-2023-2945
27 May 2023 — Missing Authorization in GitHub repository openemr/openemr prior to 7.0.1. • https://github.com/openemr/openemr/commit/3656bc88288957d68ba040cad2e5f9dbd1b607b1 • CWE-862: Missing Authorization •
CVSS: 6.3EPSS: 0%CPEs: 1EXPL: 1CVE-2023-2944 – Improper Access Control in openemr/openemr
https://notcve.org/view.php?id=CVE-2023-2944
27 May 2023 — Improper Access Control in GitHub repository openemr/openemr prior to 7.0.1. • https://github.com/openemr/openemr/commit/723ac5d78080d1b8542f47673988cd63e0389d25 • CWE-284: Improper Access Control •
CVSS: 8.5EPSS: 0%CPEs: 1EXPL: 1CVE-2023-2942 – Improper Input Validation in openemr/openemr
https://notcve.org/view.php?id=CVE-2023-2942
27 May 2023 — Improper Input Validation in GitHub repository openemr/openemr prior to 7.0.1. • https://github.com/openemr/openemr/commit/c1c0805696ca68577c37bf30e29f90e5f3e0f1a9 • CWE-20: Improper Input Validation •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 1CVE-2023-2943 – Code Injection in openemr/openemr
https://notcve.org/view.php?id=CVE-2023-2943
27 May 2023 — Code Injection in GitHub repository openemr/openemr prior to 7.0.1. • https://github.com/openemr/openemr/commit/c1c0805696ca68577c37bf30e29f90e5f3e0f1a9 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 4.8EPSS: 1%CPEs: 1EXPL: 1CVE-2023-2947 – Cross-site Scripting (XSS) - Stored in openemr/openemr
https://notcve.org/view.php?id=CVE-2023-2947
27 May 2023 — Cross-site Scripting (XSS) - Stored in GitHub repository openemr/openemr prior to 7.0.1. • https://github.com/openemr/openemr/commit/8d2d601ac40aca75bcd2c3cf193f59c8e56d8425 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-2674 – Improper Access Control in openemr/openemr
https://notcve.org/view.php?id=CVE-2023-2674
12 May 2023 — Improper Access Control in GitHub repository openemr/openemr prior to 7.0.1. • https://github.com/openemr/openemr/commit/bb4244c83a74628faafabc0598366f49863914a9 • CWE-284: Improper Access Control •