Lucene search
China National Vulnerability DatabaseCNVD-2023-43861HistoryMay 31, 2023 - 12:00 a.m.
OpenEMR Cross-Site Scripting Vulnerability
2023-05-3100:00:00
China National Vulnerability Database
www.cnvd.org.cn
4
openemr
cross-site scripting
vulnerability
admin panel
injection
html
medical management
electronic medical records
version 7.0.1
security
EPSS
0.013
Percentile
86.1%
OpenEMR is an open source medical management system from the OpenEMR community. The system can be used for medical practice management, electronic medical records, prescription writing and medical billing requests. A cross-site scripting vulnerability exists in OpenEMR prior to version 7.0.1. The vulnerability stems from the admin panel (admin.php) failing to properly clean up the text in the “Site Name” field and can be exploited by an attacker with administrator access to inject arbitrary HTML.
Related
nvd
nvd
CVE-2023-2947
2023-05-27 23:15:09
prion
prion
Cross site scripting
2023-05-27 23:15:00
cvelist
cvelist
CVE-2023-2947 Cross-site Scripting (XSS) - Stored in openemr/openemr
2023-05-27 00:00:00
cve
cve
CVE-2023-2947
2023-05-27 23:15:09
osv
osv
CVE-2023-2947
2023-05-27 23:15:09
huntr
huntr
Stored XSS in Admin Panel
2023-03-17 19:34:17
openvas
openvas
OpenEMR < 7.0.1 Multiple Vulnerabilities
2023-05-10 00:00:00