VYPR

OpenMRS Reference Application

by Openmrs

CVEs (3)

  • CVE-2017-12796CriOct 23, 2017
    risk 0.64cvss 9.8epss 0.04

    The Reporting Compatibility Add On before 2.0.4 for OpenMRS, as distributed in OpenMRS Reference Application before 2.6.1, does not authenticate users when deserializing XML input into ReportSchema objects. The result is that remote unauthenticated users are able to execute…

  • CVE-2021-4289Dec 27, 2022
    risk 0.00cvss epss 0.01

    A vulnerability classified as problematic was found in OpenMRS openmrs-module-referenceapplication up to 2.11.x. Affected by this vulnerability is the function post of the file omod/src/main/java/org/openmrs/module/referenceapplication/page/controller/UserAppPageController.java…

  • CVE-2021-4288Dec 27, 2022
    risk 0.00cvss epss 0.01

    A vulnerability was found in OpenMRS openmrs-module-referenceapplication up to 2.11.x. It has been rated as problematic. This issue affects some unknown processing of the file omod/src/main/webapp/pages/userApp.gsp. The manipulation leads to cross site scripting. The attack may…