CVSS: 8.3EPSS: 0%CPEs: 1EXPL: 1CVE-2023-2948 – Cross-site Scripting (XSS) - Generic in openemr/openemr
https://notcve.org/view.php?id=CVE-2023-2948
Cross-site Scripting (XSS) - Generic in GitHub repository openemr/openemr prior to 7.0.1. • https://github.com/openemr/openemr/commit/af1ecf78d1342519791bda9d3079e88f7d859015 https://huntr.dev/bounties/2393e4d9-9e9f-455f-bf50-f20f77b0a64d • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 1CVE-2023-2950 – Improper Authorization in openemr/openemr
https://notcve.org/view.php?id=CVE-2023-2950
Improper Authorization in GitHub repository openemr/openemr prior to 7.0.1. • https://github.com/openemr/openemr/commit/abee8d2606c706176818de25eb88a2d08b8f7fa4 https://huntr.dev/bounties/612d13cf-2ef9-44ea-b8fb-e797948a9a86 • CWE-285: Improper Authorization •
CVSS: 8.3EPSS: 0%CPEs: 1EXPL: 1CVE-2023-2949 – Cross-site Scripting (XSS) - Reflected in openemr/openemr
https://notcve.org/view.php?id=CVE-2023-2949
Cross-site Scripting (XSS) - Reflected in GitHub repository openemr/openemr prior to 7.0.1. • https://github.com/openemr/openemr/commit/af1ecf78d1342519791bda9d3079e88f7d859015 https://huntr.dev/bounties/3842486f-38b1-4150-9f78-b81d0ae580c4 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 1CVE-2023-2942 – Improper Input Validation in openemr/openemr
https://notcve.org/view.php?id=CVE-2023-2942
Improper Input Validation in GitHub repository openemr/openemr prior to 7.0.1. • https://github.com/openemr/openemr/commit/c1c0805696ca68577c37bf30e29f90e5f3e0f1a9 https://huntr.dev/bounties/dd56e7a0-9dff-48fc-bc59-9a22d91869eb • CWE-20: Improper Input Validation •
CVSS: 6.3EPSS: 0%CPEs: 1EXPL: 1CVE-2023-2944 – Improper Access Control in openemr/openemr
https://notcve.org/view.php?id=CVE-2023-2944
Improper Access Control in GitHub repository openemr/openemr prior to 7.0.1. • https://github.com/openemr/openemr/commit/723ac5d78080d1b8542f47673988cd63e0389d25 https://huntr.dev/bounties/0d67dcb1-acc0-4d5d-bb69-a09d1bc9fa1d • CWE-284: Improper Access Control •