Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

OpenEMR — Vulnerabilities & Security Advisories 120

Browse all 120 CVE security advisories affecting OpenEMR. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by OpenEMR:OpenEMRopenemr/openemr
CVE IDTitleCVSSSeverityPublished
CVE-2023-2943 Code Injection in openemr/openemr — openemr/openemrCWE-94 8.6 -2023-05-27
CVE-2023-2942 Improper Input Validation in openemr/openemr — openemr/openemrCWE-20 9.1 -2023-05-27
CVE-2023-2674 Improper Access Control in openemr/openemr — openemr/openemrCWE-284 4.3 -2023-05-12
CVE-2023-2566 Cross-site Scripting (XSS) - Stored in openemr/openemr — openemr/openemrCWE-79 5.4 -2023-05-08
CVE-2022-4733 Cross-site Scripting (XSS) - Stored in openemr/openemr — openemr/openemrCWE-79 5.4 -2022-12-24
CVE-2022-4615 Cross-site Scripting (XSS) - Reflected in openemr/openemr — openemr/openemrCWE-79 6.1 -2022-12-19
CVE-2022-4567 Improper Access Control in openemr/openemr — openemr/openemrCWE-284 4.3 -2022-12-17
CVE-2022-4502 Cross-site Scripting (XSS) - Reflected in openemr/openemr — openemr/openemrCWE-79 6.1 -2022-12-15
CVE-2022-4503 Cross-site Scripting (XSS) - Generic in openemr/openemr — openemr/openemrCWE-79 5.4 -2022-12-15
CVE-2022-4504 Improper Input Validation in openemr/openemr — openemr/openemrCWE-20 7.5 -2022-12-15
CVE-2022-4505 Authorization Bypass Through User-Controlled Key in openemr/openemr — openemr/openemrCWE-639 8.8 High2022-12-15
CVE-2022-4506 Unrestricted Upload of File with Dangerous Type in openemr/openemr — openemr/openemrCWE-434 7.2 -2022-12-15
CVE-2022-2824 Authorization Bypass Through User-Controlled Key in openemr/openemr — openemr/openemrCWE-639 8.8 High2022-08-15
CVE-2022-2734 Improper Restriction of Rendered UI Layers or Frames in openemr/openemr — openemr/openemrCWE-1021 5.4 -2022-08-09
CVE-2022-2732 Missing Authorization in openemr/openemr — openemr/openemrCWE-862 8.3 High2022-08-09
CVE-2022-2733 Cross-site Scripting (XSS) - Reflected in openemr/openemr — openemr/openemrCWE-79 6.1 -2022-08-09
CVE-2022-2731 Cross-site Scripting (XSS) - Reflected in openemr/openemr — openemr/openemrCWE-79 6.1 -2022-08-09
CVE-2022-2729 Cross-site Scripting (XSS) - DOM in openemr/openemr — openemr/openemrCWE-79 5.4 -2022-08-09
CVE-2022-2730 Authorization Bypass Through User-Controlled Key in openemr/openemr — openemr/openemrCWE-639 8.2 -2022-08-09
CVE-2022-2494 Cross-site Scripting (XSS) - Stored in openemr/openemr — openemr/openemrCWE-79 5.4 -2022-07-22
CVE-2022-2493 Data Access from Outside Expected Data Manager Component in openemr/openemr — openemr/openemrCWE-1083 6.5 -2022-07-22
CVE-2022-1461 Non Privilege User can Enable or Disable Registered in openemr/openemr — openemr/openemrCWE-1220 6.5 -2022-04-25
CVE-2022-1459 Non-Privilege User Can View Patient’s Disclosures in openemr/openemr — openemr/openemrCWE-1118 6.5 -2022-04-25
CVE-2022-1458 Stored XSS Leads To Session Hijacking in openemr/openemr — openemr/openemrCWE-79 5.4 -2022-04-25
CVE-2020-13567 phpGACL SQL注入漏洞 — OpenEMRCWE-89 9.8 -2022-04-18
CVE-2022-1179 Non-Privilege User Can Created New Rule and Lead to Stored Cross Site Scripting in openemr/openemr — openemr/openemrCWE-79 5.4 -2022-03-30
CVE-2022-1180 Reflected Cross Site Scripting in openemr/openemr — openemr/openemrCWE-79 6.1 -2022-03-30
CVE-2022-1181 Stored Cross Site Scripting in openemr/openemr — openemr/openemrCWE-79 5.4 -2022-03-30
CVE-2022-1177 Accounting User Can Download Patient Reports in openemr in openemr/openemr — openemr/openemrCWE-1220 4.3 -2022-03-30
CVE-2022-1178 Stored Cross Site Scripting in openemr/openemr — openemr/openemrCWE-79 5.4 -2022-03-30

This page lists every published CVE security advisory associated with OpenEMR. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.