Mieweb Enterprise Health — known CVE vulnerabilities
Every CVE whose affected-product data names Mieweb Enterprise Health, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (6)
CVE-2025-35030 — CVSS 8.1 (high): Medical Informatics Engineering Enterprise Health has a cross site request forgery vulnerability that allows an unauthenticated attacker to…
CVE-2025-35034 — CVSS 4.3 (medium): Medical Informatics Engineering Enterprise Health has a reflected cross site scripting vulnerability in the 'portlet_user_id' URL…
CVE-2025-35033 — CVSS 4.1 (medium): Medical Informatics Engineering Enterprise Health has a CSV injection vulnerability that allows a remote, authenticated attacker to inject…
CVE-2025-35029 — CVSS 3.5 (low): Medical Informatics Engineering Enterprise Health has a stored cross site scripting vulnerability that allows an authenticated attacker to…
CVE-2025-35032 — CVSS 3.4 (low): Medical Informatics Engineering Enterprise Health allows authenticated users to upload arbitrary files. The impact of this behavior depends…
CVE-2025-35031 — CVSS 3.3 (low): Medical Informatics Engineering Enterprise Health includes the user's current session token in debug output. An attacker could convince a…