Lucene search
China National Vulnerability DatabaseCNVD-2022-61338HistoryApr 01, 2022 - 12:00 a.m.
OpenEMR Cross-Site Scripting Vulnerability (CNVD-2022-61338)
2022-04-0100:00:00
China National Vulnerability Database
www.cnvd.org.cn
13
openemr
cross-site scripting
vulnerability
healthcare management
user-supplied data validation
authenticated attacker
javascript code
EPSS
0.051
Percentile
93.0%
OpenEMR is an open source healthcare management system from the OpenEMR community. The system can be used for medical practice management, electronic medical records, prescription writing, and medical billing applications. openEMR has a cross-site scripting vulnerability that stems from the lack of a user-supplied data and output data validation filter in the fld_title parameter in interface/super/rules/index.php?action=edit!submit_summary. The fld_title parameter in interface/super/rules/index.php? An authenticated attacker could use this vulnerability to execute JavaScript code on the client side.
Related
checkpoint_advisories
checkpoint_advisories
OpenEMR Cross-Site Scripting (CVE-2022-1179)
2022-10-30 00:00:00
prion
prion
Cross site scripting
2022-03-30 12:15:00
cvelist
cvelist
nvd
nvd
CVE-2022-1179
2022-03-30 12:15:08
osv
osv
CVE-2022-1179
2022-03-30 12:15:08
cve
cve
CVE-2022-1179
2022-03-30 12:15:08
huntr
huntr
openvas
openvas
OpenEMR <= 6.0.0.4 Multiple Vulnerabilities
2022-04-05 00:00:00