OpenEMR is an open source healthcare management system from the OpenEMR community. The system can be used for medical practice management, electronic medical records, prescription writing, and medical billing applications. cross-site scripting vulnerabilities exist in versions of OpenEMR prior to 6.0.0.4, which stem from a lack of data validation filtering of user-supplied and output data in the newname parameter in interface/main/calendar/index.php. An authenticated attacker could use this vulnerability to execute JavaScript code on the client side.
CPE | Name | Operator | Version |
---|---|---|---|
OpenEMR OpenEMR <6. | eq | 0.0.4 |