{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-07T23:36:57.402","vulnerabilities":[{"cve":{"id":"CVE-2020-5729","sourceIdentifier":"vulnreport@tenable.com","published":"2020-04-17T19:15:14.857","lastModified":"2024-11-21T05:34:29.807","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"In OpenMRS 2.9 and prior, the UI Framework Error Page reflects arbitrary, user-supplied input back to the browser, which can result in XSS. Any page that is able to trigger a UI Framework Error is susceptible to this issue."},{"lang":"es","value":"En OpenMRS versiones 2.9 y anteriores, la Página de Error del Framework UI refleja una entrada arbitraria suministrada por el usuario en el navegador, que puede resultar en un ataque de tipo XSS. Cualquier página que sea capaz de desencadenar un Error del Framework UI es susceptible a este problema."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:openmrs:openmrs:*:*:*:*:*:*:*:*","versionEndIncluding":"2.9.0","matchCriteriaId":"3CC281C5-FB85-489C-87BC-CB4294B33AFE"}]}]}],"references":[{"url":"https://www.tenable.com/security/research/tra-2020-18","source":"vulnreport@tenable.com","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.tenable.com/security/research/tra-2020-18","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}}]}