Product

opencrx

14 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2023-27151
all versions
openCRX 5.2.0 was discovered to contain an HTML injection vulnerability for Search Criteria-Activity Number (in the Saved Search A
6.1 MEDIUM
CVE-2023-27150
all versions
openCRX 5.2.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the Name field after creation of a Tracker
5.4 MEDIUM
CVE-2023-40817
all versions
OpenCRX version 5.2.0 is vulnerable to HTML injection via the Product Configuration Name Field.
6.1 MEDIUM
CVE-2023-40816
all versions
OpenCRX version 5.2.0 is vulnerable to HTML injection via Activity Milestone Name Field.
6.1 MEDIUM
CVE-2023-40815
all versions
OpenCRX version 5.2.0 is vulnerable to HTML injection via the Category Creation Name Field.
6.1 MEDIUM
CVE-2023-40814
all versions
OpenCRX version 5.2.0 is vulnerable to HTML injection via the Accounts Name Field.
6.1 MEDIUM
CVE-2023-40813
all versions
OpenCRX version 5.2.0 is vulnerable to HTML injection via Activity Saved Search Creation.
6.1 MEDIUM
CVE-2023-40812
all versions
OpenCRX version 5.2.0 is vulnerable to HTML injection via the Accounts Group Name Field.
6.1 MEDIUM
CVE-2023-40810
all versions
OpenCRX version 5.2.0 is vulnerable to HTML injection via Product Name Field.
6.1 MEDIUM
CVE-2023-40809
all versions
OpenCRX version 5.2.0 is vulnerable to HTML injection via the Activity Search Criteria-Activity Number.
6.1 MEDIUM
CVE-2023-46502
all versions
An issue in openCRX v.5.2.2 allows a remote attacker to read internal files and execute server side request forgery attack via ins
9.8 CRITICAL
CVE-2022-40084
<= 5.2.2
OpenCRX before v5.2.2 was discovered to be vulnerable to password enumeration due to the difference in error messages received dur
5.3 MEDIUM
CVE-2021-25959
>= 4.0.0 and <= 5.1.0
In OpenCRX, versions v4.0.0 through v5.1.0 are vulnerable to reflected Cross-site Scripting (XSS), due to unsanitized parameters i
6.1 MEDIUM
CVE-2020-7378
<= 4.3.0
CRIXP OpenCRX version 4.30 and 5.0-20200717 and prior suffers from an unverified password change vulnerability. An attacker who is
9.1 CRITICAL
threatengine.sh