U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Vulnerability Database

National Vulnerability Database

NVD

National Vulnerability Database
  1. VulnerabilitiesSearch And Statistics

Search Results (Refine Search)

Search Parameters:
  • Keyword (text search): cpe:2.3:a:open-emr:openemr:7.0.0.2:*:*:*:*:*:*:*
  • CPE Name Search: true
There are 11 matching records.
Displaying matches 1 through 11.
Vuln ID Summary CVSS Severity
CVE-2023-2950

Improper Authorization in GitHub repository openemr/openemr prior to 7.0.1.

Published: May 28, 2023; 12:15:14 AM -0400 		V4.0:(not available)
 V3.1: 8.1 HIGH
V2.0:(not available)
CVE-2023-2949

Cross-site Scripting (XSS) - Reflected in GitHub repository openemr/openemr prior to 7.0.1.

Published: May 28, 2023; 12:15:13 AM -0400 		V4.0:(not available)
 V3.1: 6.1 MEDIUM
V2.0:(not available)
CVE-2023-2948

Cross-site Scripting (XSS) - Generic in GitHub repository openemr/openemr prior to 7.0.1.

Published: May 28, 2023; 12:15:12 AM -0400 		V4.0:(not available)
 V3.1: 6.1 MEDIUM
V2.0:(not available)
CVE-2023-2947

Cross-site Scripting (XSS) - Stored in GitHub repository openemr/openemr prior to 7.0.1.

Published: May 27, 2023; 7:15:09 PM -0400 		V4.0:(not available)
 V3.1: 4.8 MEDIUM
V2.0:(not available)
CVE-2023-2946

Improper Access Control in GitHub repository openemr/openemr prior to 7.0.1.

Published: May 27, 2023; 7:15:09 PM -0400 		V4.0:(not available)
 V3.1: 8.1 HIGH
V2.0:(not available)
CVE-2023-2945

Missing Authorization in GitHub repository openemr/openemr prior to 7.0.1.

Published: May 27, 2023; 6:15:10 PM -0400 		V4.0:(not available)
 V3.1: 5.4 MEDIUM
V2.0:(not available)
CVE-2023-2944

Improper Access Control in GitHub repository openemr/openemr prior to 7.0.1.

Published: May 27, 2023; 6:15:10 PM -0400 		V4.0:(not available)
 V3.1: 5.4 MEDIUM
V2.0:(not available)
CVE-2023-2943

Code Injection in GitHub repository openemr/openemr prior to 7.0.1.

Published: May 27, 2023; 6:15:10 PM -0400 		V4.0:(not available)
 V3.1: 8.8 HIGH
V2.0:(not available)
CVE-2023-2942

Improper Input Validation in GitHub repository openemr/openemr prior to 7.0.1.

Published: May 27, 2023; 6:15:09 PM -0400 		V4.0:(not available)
 V3.1: 8.1 HIGH
V2.0:(not available)
CVE-2023-2674

Improper Access Control in GitHub repository openemr/openemr prior to 7.0.1.

Published: May 12, 2023; 4:15:09 AM -0400 		V4.0:(not available)
 V3.1: 4.3 MEDIUM
V2.0:(not available)
CVE-2023-2566

Cross-site Scripting (XSS) - Stored in GitHub repository openemr/openemr prior to 7.0.1.

Published: May 08, 2023; 1:15:09 AM -0400 		V4.0:(not available)
 V3.1: 4.8 MEDIUM
V2.0:(not available)