Known Vulnerabilities for products from Openmrs
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Openmrs".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-40075 json | Not Provided | 2026-05-05 | 2026-05-05 | |
| CVE-2022-23612 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 7.5 - HIGH | 2022-02-22 | 2022-03-02 |
| CVE-2022-4727 json | A vulnerability, which was classified as problematic, was found in OpenMRS Appointment Scheduling Module up to 1.16.x. This a... | 6.1 - MEDIUM | 2022-12-27 | 2023-11-07 |
| CVE-2021-43094 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 9.8 - CRITICAL | 2022-05-10 | 2022-05-17 |
| CVE-2021-4292 json | A vulnerability was found in OpenMRS Admin UI Module up to 1.4.x. It has been rated as problematic. This issue affects some u... | 6.1 - MEDIUM | 2022-12-27 | 2023-11-07 |
| CVE-2021-4291 json | A vulnerability was found in OpenMRS Admin UI Module up to 1.5.x. It has been declared as problematic. This vulnerability aff... | 6.1 - MEDIUM | 2022-12-27 | 2023-11-07 |
| CVE-2021-4289 json | A vulnerability classified as problematic was found in OpenMRS openmrs-module-referenceapplication up to 2.11.x. Affected by ... | 6.1 - MEDIUM | 2022-12-27 | 2023-11-07 |
| CVE-2021-4288 json | A vulnerability was found in OpenMRS openmrs-module-referenceapplication up to 2.11.x. It has been rated as problematic. This... | 6.1 - MEDIUM | 2022-12-27 | 2023-11-07 |
| CVE-2021-4284 json | A vulnerability classified as problematic has been found in OpenMRS HTML Form Entry UI Framework Integration Module up to 1.x... | 6.1 - MEDIUM | 2022-12-27 | 2023-11-07 |
| CVE-2020-36636 json | A vulnerability classified as problematic has been found in OpenMRS Admin UI Module up to 1.4.x. Affected is the function sen... | 6.1 - MEDIUM | 2022-12-27 | 2023-11-07 |
| CVE-2020-36635 json | A vulnerability was found in OpenMRS Appointment Scheduling Module up to 1.12.x. It has been classified as problematic. This ... | 5.4 - MEDIUM | 2022-12-27 | 2023-11-07 |
| CVE-2020-24621 json | A remote code execution (RCE) vulnerability was discovered in the htmlformentry (aka HTML Form Entry) module before 3.11.0 fo... | 8.8 - HIGH | 2020-09-25 | 2020-10-05 |
| CVE-2020-5733 json | In OpenMRS 2.9 and prior, the export functionality of the Data Exchange Module does not properly redirect to a login page whe... | 6.1 - MEDIUM | 2020-04-17 | 2020-04-23 |
| CVE-2020-5732 json | In OpenMRS 2.9 and prior, he import functionality of the Data Exchange Module does not properly redirect to a login page when... | 6.1 - MEDIUM | 2020-04-17 | 2020-04-23 |
| CVE-2020-5731 json | In OpenMRS 2.9 and prior, the app parameter for the ActiveVisit's page is vulnerable to cross-site scripting. | 6.1 - MEDIUM | 2020-04-17 | 2020-04-21 |
| CVE-2020-5730 json | In OpenMRS 2.9 and prior, the sessionLocation parameter for the login page is vulnerable to cross-site scripting. | 6.1 - MEDIUM | 2020-04-17 | 2020-04-21 |
| CVE-2020-5729 json | In OpenMRS 2.9 and prior, the UI Framework Error Page reflects arbitrary, user-supplied input back to the browser, which can ... | 6.1 - MEDIUM | 2020-04-17 | 2020-04-23 |
| CVE-2020-5728 json | OpenMRS 2.9 and prior copies "Referrer" header values into an html element named "redirectUrl" within many webpages (such as ... | 6.1 - MEDIUM | 2020-04-17 | 2021-07-21 |
| CVE-2018-19276 json | OpenMRS before 2.24.0 is affected by an Insecure Object Deserialization vulnerability that allows an unauthenticated user to ... | 9.8 - CRITICAL | 2019-03-21 | 2023-03-03 |
| CVE-2018-16521 json | An XML External Entity (XXE) vulnerability exists in HTML Form Entry 3.7.0, as distributed in OpenMRS Reference Application 2... | 9.8 - CRITICAL | 2018-09-05 | 2018-12-07 |
Known software with vulnerabilities from Openmrs
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Openmrs | Htmlformentry | - |
| Application | Openmrs | Openmrs | 2.0 |