Admin Ui Module
Approved changes feed: RSS · Atom
cpe:2.3:a:openmrs:admin_ui_module:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Openmrs (06cb4728-e719-522c-9a70-e900854f95b6) |
|---|---|
| Product | Admin Ui Module (0fe53df8-b567-5dc3-bdb6-cfec62c35080) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from purl2cpe mapping |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
pkg:github/openmrs/openmrs-module-adminui |
purl2cpe | 2026-06-01 10:11:38.082290 |
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2021-4292 |
vulnerable | 2026-06-08 05:38:09.117990 |
OpenMRS Admin UI Module Manage Privilege Page privilege.gsp cross site scripting
LOW (3.5)
A vulnerability was found in OpenMRS Admin UI Module up to 1.4.x. It has been rated as problematic. This issue affects some unknown processing of the file omod/src/main/webapp/pages/metadata/privileges/privilege.gsp of the component Manage Privilege Page. The manipulation leads to cross site scripting. The attack may be initiated remotely. Upgrading to version 1.5.0 is able to address this issue. The name of the patch is 4f8565425b7c74128dec9ca46dfbb9a3c1c24911. It is recommended to upgrade the affected component. The identifier VDB-216917 was assigned to this vulnerability.
Published: 2022-12-27T22:56:47.741Z
Updated: 2024-11-19T19:46:50.224Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-4291 |
vulnerable | 2026-06-08 05:38:09.117395 |
OpenMRS Admin UI Module location.gsp cross site scripting
LOW (3.5)
A vulnerability was found in OpenMRS Admin UI Module up to 1.5.x. It has been declared as problematic. This vulnerability affects unknown code of the file omod/src/main/webapp/pages/metadata/locations/location.gsp. The manipulation leads to cross site scripting. The attack can be initiated remotely. Upgrading to version 1.6.0 is able to address this issue. The name of the patch is a7eefb5f69f6c50a3bffcb138bb8ea57cb41a9b6. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-216916.
Published: 2022-12-27T22:54:46.691Z
Updated: 2024-08-03T17:23:10.497Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-36636 |
vulnerable | 2026-06-08 05:25:49.274633 |
OpenMRS Admin UI Module Account Setup AccountPageController.java sendErrorMessage cross site scripting
LOW (3.5)
A vulnerability classified as problematic has been found in OpenMRS Admin UI Module up to 1.4.x. Affected is the function sendErrorMessage of the file omod/src/main/java/org/openmrs/module/adminui/page/controller/systemadmin/accounts/AccountPageController.java of the component Account Setup Handler. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. Upgrading to version 1.5.0 is able to address this issue. The name of the patch is 702fbfdac7c4418f23bb5f6452482b4a88020061. It is recommended to upgrade the affected component. VDB-216918 is the identifier assigned to this vulnerability.
Published: 2022-12-27T22:59:23.592Z
Updated: 2024-08-04T17:30:08.316Z Reference links |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.