What the vulnerability does
01Description
Improper Input Validation in GitHub repository openemr/openemr prior to 7.0.1.
CVSS base score
8.1/10
CVSS vector
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
Key dates
02Disclosure timeline
May 27, 2023
CVE published
January 14, 2025
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2023-36899 ASP.NET Elevation of Privilege Vulnerability
CVE-2023-22342
CVE-2026-26143 Microsoft PowerShell Security Feature Bypass Vulnerability
CVE-2023-42802 GLPI vulnerable to unallowed PHP script execution
CVE-2023-26405 ZDI-CAN-20712: Object Prototype pollution which leads to API Restrictions Bypass
