OpenEMR is an open source healthcare management system from the Openemr community. The system can be used for medical practice management, electronic medical records, prescription writing, and medical billing applications. openemr versions prior to 7.0.0 have a cross-site scripting vulnerability that stems from the failure to encode key and value values in its patientdate.js file. An attacker could exploit this vulnerability to execute JavaScript code on the client side.