Vulnerabilities in OpenMRS

13 results

CVE-2022-23612HIGHDirectory Traversal in OpenMRS Startup FilterEPSS 1.9%CVE-2021-4289LOWOpenMRS openmrs-module-referenceapplication User App Page UserAppPageController.java post cross site scriptingEPSS 1.0%CVE-2021-4284LOWOpenMRS HTML Form Entry UI Framework Integration Module cross site scriptingEPSS 0.9%CVE-2020-36636LOWOpenMRS Admin UI Module Account Setup AccountPageController.java sendErrorMessage cross site scriptingEPSS 0.9%CVE-2021-4288LOWOpenMRS openmrs-module-referenceapplication userApp.gsp cross site scriptingEPSS 0.9%CVE-2021-4291LOWOpenMRS Admin UI Module location.gsp cross site scriptingEPSS 0.9%CVE-2021-4292LOWOpenMRS Admin UI Module Manage Privilege Page privilege.gsp cross site scriptingEPSS 0.9%CVE-2020-36635LOWOpenMRS Appointment Scheduling Module AppointmentTypeValidator.java validateFieldName cross site scriptingEPSS 0.9%CVE-2022-4727LOWOpenMRS Appointment Scheduling Module Notes AppointmentRequest.java getNotes cross site scriptingEPSS 0.9%CVE-2026-40076CRITICALOpenMRS Core arbitrary file write and code execution via Zip Slip in module uploadEPSS 0.9%CVE-2026-40075HIGHOpenMRS Core arbitrary file read via path traversal in ModuleResourcesServletEPSS 0.6%CVE-2026-41258CRITICALOpenMRS: Stored Velocity SSTI to RCE via ConceptReferenceRangeEPSS 0.3%CVE-2025-46823HIGHOpenMRS has Vulnerability in FHIR2 Module PrivilegesEPSS 0.3%