What the vulnerability does
01Description
Improper Access Control in GitHub repository openemr/openemr prior to 7.0.0.2.
CVSS base score
8.1/10
CVSS vector
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
Key dates
02Disclosure timeline
December 17, 2022
CVE published
April 14, 2025
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2023-5353 Improper Access Control in salesagility/suitecrm
CVE-2025-65096 RomM Insecure Direct Object Reference (IDOR) Allows Unauthorized Access to Private Collections
CVE-2024-45133 Adobe Commerce | Improper Access Control (CWE-284)
CVE-2026-24036 Horilla Exposes Unpublished Job Disclosures through Unauthenticated API
CVE-2023-45744
