Nosh Chartingsystem Project Nosh Chartingsystem — known CVE vulnerabilities
Every CVE whose affected-product data names Nosh Chartingsystem Project Nosh Chartingsystem, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2023-24610 — CVSS 8.8 (high): NOSH 4a5cfdb allows remote authenticated users to execute PHP arbitrary code via the "practice logo" upload feature. The client-side checks…
CVE-2023-24065 — CVSS 5.4 (medium): NOSH 4a5cfdb allows stored XSS via the create user page. For example, a first name (of a physician, assistant, or billing user) can have a…