OpenEMR is an open source medical management system from the OpenEMR community. The system can be used for medical practice management, electronic medical records, prescription writing and medical billing requests. A cross-site scripting vulnerability exists in versions of OpenEMR prior to 7.0.1. The vulnerability stems from the application’s lack of effective filtering and escaping of user-supplied data, and can be exploited by an attacker to execute arbitrary web script or HTML by injecting a crafted payload.
CPE | Name | Operator | Version |
---|---|---|---|
openemr openemr | lt | 7.0.1 |