25077 matches found
CVE-2025-69231
OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, a stored cross-site scripting vulnerability in the GAD-7 anxiety assessment form allows authenticated users with clinician privileges to inject malicious JavaScript tha...
CVE-2026-24847
OpenEMR (Eye Exam form module) prior to version 8.0.0 contains an open redirect vulnerability that lets any authenticated user be redirected to an arbitrary external URL, enabling phishing against healthcare providers. The issue is fixed in OpenEMR 8.0.0. CVSS v3.1 base score is 6.1 (NETWORK, LOW...
CVE-2026-24847 OpenEMR has Open Redirect in Eye Exam Form
OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, the Eye Exam form module allows any authenticated user to be redirected to an arbitrary external URL. This can be exploited for phishing attacks against healthcare...
CVE-2026-24847 OpenEMR has Open Redirect in Eye Exam Form
OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, the Eye Exam form module allows any authenticated user to be redirected to an arbitrary external URL. This can be exploited for phishing attacks against healthcare...
CVE-2026-24847 OpenEMR has Open Redirect in Eye Exam Form
OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, the Eye Exam form module allows any authenticated user to be redirected to an arbitrary external URL. This can be exploited for phishing attacks against healthcare...
CVE-2025-69231
OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, a stored cross-site scripting vulnerability in the GAD-7 anxiety assessment form allows authenticated users with clinician privileges to inject malicious JavaScript tha...
CVE-2025-69231 OpenEMR has a Stored XSS in GAD-7 Form that Enables Session Hijacking and Privilege Escalation
OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, a stored cross-site scripting vulnerability in the GAD-7 anxiety assessment form allows authenticated users with clinician privileges to inject malicious JavaScript tha...
CVE-2025-69231 OpenEMR has a Stored XSS in GAD-7 Form that Enables Session Hijacking and Privilege Escalation
OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, a stored cross-site scripting vulnerability in the GAD-7 anxiety assessment form allows authenticated users with clinician privileges to inject malicious JavaScript tha...
CVE-2025-69231 OpenEMR has a Stored XSS in GAD-7 Form that Enables Session Hijacking and Privilege Escalation
OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, a stored cross-site scripting vulnerability in the GAD-7 anxiety assessment form allows authenticated users with clinician privileges to inject malicious JavaScript tha...
EUVD-2025-208106
OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, a stored cross-site scripting vulnerability in the GAD-7 anxiety assessment form allows authenticated users with clinician privileges to inject malicious JavaScript tha...
CVE-2025-69231
CVE-2025-69231 affects OpenEMR prior to version 8.0.0. A stored cross-site scripting vulnerability exists in the GAD-7 anxiety assessment form that allows authenticated users with clinician privileges to inject JavaScript executed when other users view the form, enabling session hijacking, accoun...
PT-2026-21984
Name of the Vulnerable Software and Affected Versions OpenEMR versions prior to 8.0.0 Description OpenEMR is an electronic health records and medical practice management application. Versions prior to 8.0.0 do not properly verify user authorization when accessing Layout-Based Form LBF printable...
PT-2026-21823
OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, the Eye Exam form module allows any authenticated user to be redirected to an arbitrary external URL. This can be exploited for phishing attacks against healthcare...
OpenEMR 跨站脚本漏洞
OpenEMR is a set of open-source medical management systems developed by the OpenEMR community. This system can be used for medical practice management, electronic medical records, prescription writing, and medical billing applications. Versions of OpenEMR prior to 8.0.0 contained a cross-site...
OpenEMR 输入验证错误漏洞
OpenEMR is a set of open-source medical management systems developed by the OpenEMR community. This system can be used for medical practice management, electronic medical records, prescription writing, and medical billing applications. Prior to OpenEMR 8.0.0, there was a vulnerability related to...
OpenEMR 安全漏洞
OpenEMR is a set of open-source medical management systems developed by the OpenEMR community. This system can be used for medical practice management, electronic medical records, prescription writing, and medical billing applications. Versions of OpenEMR prior to 8.0.0 contained security...
n8n 安全漏洞
n8n is an open-source, scalable workflow automation tool developed by n8n. Versions of n8n prior to 2.10.1, 2.9.3, and 1.123.22 contained security vulnerabilities. These vulnerabilities stemmed from second-order expression injections in the Form node, which could allow unverified attackers to...
PT-2026-21980
Name of the Vulnerable Software and Affected Versions OpenEMR versions prior to 8.0.0 Description OpenEMR is an electronic health records and medical practice management application. A stored cross-site scripting XSS issue exists in the function responsible for displaying form answers. An...
PT-2026-22028
Name of the Vulnerable Software and Affected Versions n8n versions prior to 2.10.1 n8n versions prior to 2.9.3 n8n versions prior to 1.123.22 Description A second-order expression injection exists in Form nodes. This allows an unauthenticated attacker to inject and evaluate arbitrary expressions ...
OpenEMR 跨站脚本漏洞
OpenEMR is a set of open-source medical management systems developed by the OpenEMR community. This system can be used for medical practice management, electronic medical records, prescription writing, and medical billing applications. Versions of OpenEMR prior to 8.0.0 contained a cross-site...