OpenClinica — Vulnerabilities & Security Advisories 4

Browse all 4 CVE security advisories affecting OpenClinica. AI-powered Chinese analysis, POCs, and references for each vulnerability.

OpenClinica serves as an electronic data capture (EDC) system for clinical trial management, enabling researchers to collect and manage research data. Historically, the platform has faced vulnerabilities including remote code execution, cross-site scripting, and privilege escalation, often stemming from insufficient input validation and access control flaws. While no major public security incidents have been widely documented, the four recorded CVEs highlight persistent risks in web application security. The platform's complex architecture and handling of sensitive patient data make it an attractive target for attackers, necessitating rigorous security testing and patch management to mitigate potential exploitation risks.

Top products by OpenClinica: OpenClinica Community Edition

High2025-11-11

security_findings/openclinica/openclinica-rce.md at main · mikecole-mg/security_findings · GitHub

High2025-11-11

security_findings/openclinica/openclinica-rce.md at main · mikecole-mg/security_findings · GitHub

High2025-11-11

security_findings/openclinica/openclinica-xxe.md at main · mikecole-mg/security_findings · GitHub

High2025-11-11

security_findings/openclinica/openclinica-xxe.md at main · mikecole-mg/security_findings · GitHub

Showing up to 20 recent security advisories. View all →

This page lists every published CVE security advisory associated with OpenClinica. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.

Goal Reached Thanks to every supporter — we hit 100%!

OpenClinica — Vulnerabilities & Security Advisories 4