What the vulnerability does
01Description
Improper Authorization in GitHub repository openemr/openemr prior to 7.0.1.
CVSS base score
6.3/10
CVSS vector
CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N
Key dates
02Disclosure timeline
May 28, 2023
CVE published
January 14, 2025
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2026-23623 Collabora Online vulnerable to Authorization Bypass
CVE-2016-7035
CVE-2021-28563 Magento Commerce improper Authorization via the 'Create Customer' endpoint
CVE-2022-34405
CVE-2025-65029 Rallly Has an IDOR Vulnerability in Participant Deletion Endpoint Allows Unauthorized Removal of Poll Participants
