CVSS: 8.3EPSS: 0%CPEs: 1EXPL: 1CVE-2023-2948 – Cross-site Scripting (XSS) - Generic in openemr/openemr
https://notcve.org/view.php?id=CVE-2023-2948
Cross-site Scripting (XSS) - Generic in GitHub repository openemr/openemr prior to 7.0.1. • https://github.com/openemr/openemr/commit/af1ecf78d1342519791bda9d3079e88f7d859015 https://huntr.dev/bounties/2393e4d9-9e9f-455f-bf50-f20f77b0a64d • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 1CVE-2023-2950 – Improper Authorization in openemr/openemr
https://notcve.org/view.php?id=CVE-2023-2950
Improper Authorization in GitHub repository openemr/openemr prior to 7.0.1. • https://github.com/openemr/openemr/commit/abee8d2606c706176818de25eb88a2d08b8f7fa4 https://huntr.dev/bounties/612d13cf-2ef9-44ea-b8fb-e797948a9a86 • CWE-285: Improper Authorization •
CVSS: 8.3EPSS: 0%CPEs: 1EXPL: 1CVE-2023-2949 – Cross-site Scripting (XSS) - Reflected in openemr/openemr
https://notcve.org/view.php?id=CVE-2023-2949
Cross-site Scripting (XSS) - Reflected in GitHub repository openemr/openemr prior to 7.0.1. • https://github.com/openemr/openemr/commit/af1ecf78d1342519791bda9d3079e88f7d859015 https://huntr.dev/bounties/3842486f-38b1-4150-9f78-b81d0ae580c4 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.3EPSS: 0%CPEs: 1EXPL: 1CVE-2023-2944 – Improper Access Control in openemr/openemr
https://notcve.org/view.php?id=CVE-2023-2944
Improper Access Control in GitHub repository openemr/openemr prior to 7.0.1. • https://github.com/openemr/openemr/commit/723ac5d78080d1b8542f47673988cd63e0389d25 https://huntr.dev/bounties/0d67dcb1-acc0-4d5d-bb69-a09d1bc9fa1d • CWE-284: Improper Access Control •
CVSS: 4.8EPSS: 1%CPEs: 1EXPL: 1CVE-2023-2947 – Cross-site Scripting (XSS) - Stored in openemr/openemr
https://notcve.org/view.php?id=CVE-2023-2947
Cross-site Scripting (XSS) - Stored in GitHub repository openemr/openemr prior to 7.0.1. • https://github.com/openemr/openemr/commit/8d2d601ac40aca75bcd2c3cf193f59c8e56d8425 https://huntr.dev/bounties/52534def-acab-4200-a79a-89ef4ce6a0b0 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •