Vulnerabilidades en dhis2

10 resultados

CVE-2021-39179HIGHSQL Injection in DHIS2 Tracker APIEPSS 1.9%CVE-2022-24848HIGHSQL Injection in DHIS2's in OrgUnit program associationEPSS 1.1%CVE-2021-41187HIGHSQL Injection in DHIS2 Tracker APIEPSS 0.8%CVE-2021-32704HIGHImproper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in dhis2-coreEPSS 0.8%CVE-2023-31139MEDIUMDHIS2 Core unrestricted session cookies with Personal Access TokensEPSS 0.6%CVE-2023-31138HIGHDHIS2 Core vulnerable to Improper Access Control with PATCH requestsEPSS 0.6%CVE-2022-41948MEDIUMPrivilege Chaining with the user admin role in dhis2-coreEPSS 0.6%CVE-2023-32060MEDIUMDHIS2 Core Improper Access Control with Category Option Combination sharing in /api/trackedEntityInstance and /api/eventsEPSS 0.5%CVE-2022-41949MEDIUMSemi-blind Server-Side Request Forgery in dhis2-coreEPSS 0.4%CVE-2022-41947MEDIUMCross-site Scripting with user-uploaded files in dhis2-core EPSS 0.4%