Lucene search
China National Vulnerability DatabaseCNVD-2022-61335HistoryApr 01, 2022 - 12:00 a.m.
OpenEMR Cross-Site Scripting Vulnerability (CNVD-2022-61335)
2022-04-0100:00:00
China National Vulnerability Database
www.cnvd.org.cn
13
0.003 Low
EPSS
Percentile
69.2%
OpenEMR is an open source healthcare management system from the OpenEMR community. The system can be used for medical practice management, electronic medical records, prescription writing, and medical billing applications. cross-site scripting vulnerabilities exist in versions of OpenEMR prior to 6.0.0.4, which stem from a lack of data validation filtering of user-supplied and output data in the newname parameter in interface/main/calendar/index.php. An authenticated attacker could use this vulnerability to execute JavaScript code on the client side.
| CPE | Name | Operator | Version |
|---|---|---|---|
| OpenEMR OpenEMR <6. | eq | 0.0.4 |
Related
huntr
huntr
Reflected Cross Site Scripting
2022-03-21 05:15:14
cve
cve
CVE-2022-1180
2022-03-30 12:15:08
osv
osv
CVE-2022-1180
2022-03-30 12:15:08
prion
prion
Cross site scripting
2022-03-30 12:15:00
nvd
nvd
CVE-2022-1180
2022-03-30 12:15:08
cvelist
cvelist
CVE-2022-1180 Reflected Cross Site Scripting in openemr/openemr
2022-03-30 11:05:20
openvas
openvas
OpenEMR <= 6.0.0.4 Multiple Vulnerabilities
2022-04-05 00:00:00