What the vulnerability does
01Description
Cross-site Scripting (XSS) - Stored in GitHub repository openemr/openemr prior to 7.0.1.
CVE-2023-2947
MEDIUM
CVE-2023-2947: Cross-site Scripting (XSS) - Stored in openemr/openemr
CVSS base score
4.7/10
CVSS vector
CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
Key dates
02Disclosure timeline
May 27, 2023
CVE published
January 14, 2025
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2024-54338 WordPress Hello Event Widgets For Elementor plugin <= 1.0.2 - Cross Site Scripting (XSS) vulnerability
CVE-2019-15618
CVE-2023-6854 Breakdance <= 1.7.0 - Authenticated(Contributor+) Stored Cross-Site Scripting via custom postmeta
CVE-2025-46944 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)
CVE-2024-5970 MaxGalleria <= 6.4.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via maxgallery_thumb Shortcode
