6 matches found
CVE-2026-46518
OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0.1, a stored cross-site scripting vulnerability in the prescription CSS/HTML multi-print feature allows a patient portal user to execute arbitrary JavaScript in a...
CVE-2026-46518
OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0.1, a stored cross-site scripting vulnerability in the prescription CSS/HTML multi-print feature allows a patient portal user to execute arbitrary JavaScript in a...
CVE-2026-46518 OpenEMR: Stored XSS in prescription CSS/HTML print view via patient demographics
OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0.1, a stored cross-site scripting vulnerability in the prescription CSS/HTML multi-print feature allows a patient portal user to execute arbitrary JavaScript in a...
EUVD-2026-35869
OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0.1, a stored cross-site scripting vulnerability in the prescription CSS/HTML multi-print feature allows a patient portal user to execute arbitrary JavaScript in a...
CVE-2026-46518
OpenEMR vulnerability CVE-2026-46518: a stored XSS in the prescription CSS/HTML multi-print feature affects OpenEMR prior to version 8.0.0.1. A patient portal user can inject attacker-controlled HTML into patient_data via PUT /api/patient/:num and trigger JavaScript execution in a clinician’s bro...
PT-2026-48297
OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0.1, a stored cross-site scripting vulnerability in the prescription CSS/HTML multi-print feature allows a patient portal user to execute arbitrary JavaScript in a...