OpenEMR is an open source medical management system from the OpenEMR community. The system can be used for medical practice management, electronic medical records, prescription writing and medical billing requests. A cross-site scripting vulnerability exists in OpenEMR prior to version 7.0.1. The vulnerability stems from the admin panel (admin.php) failing to properly clean up the text in the “Site Name” field and can be exploited by an attacker with administrator access to inject arbitrary HTML.