Lucene search
K

25077 matches found

NVD
NVD
added 2026/02/25 2:16 a.m.8 views

CVE-2025-69231

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, a stored cross-site scripting vulnerability in the GAD-7 anxiety assessment form allows authenticated users with clinician privileges to inject malicious JavaScript tha...

8.7CVSS0.04197EPSS
Exploits1References2
CVE
CVE
added 2026/02/25 1:34 a.m.11 views

CVE-2026-24847

OpenEMR (Eye Exam form module) prior to version 8.0.0 contains an open redirect vulnerability that lets any authenticated user be redirected to an arbitrary external URL, enabling phishing against healthcare providers. The issue is fixed in OpenEMR 8.0.0. CVSS v3.1 base score is 6.1 (NETWORK, LOW...

6.1CVSS5.6AI score0.00176EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2026/02/25 1:34 a.m.20 views

CVE-2026-24847 OpenEMR has Open Redirect in Eye Exam Form

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, the Eye Exam form module allows any authenticated user to be redirected to an arbitrary external URL. This can be exploited for phishing attacks against healthcare...

6.1CVSS0.00176EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/02/25 1:34 a.m.3 views

CVE-2026-24847 OpenEMR has Open Redirect in Eye Exam Form

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, the Eye Exam form module allows any authenticated user to be redirected to an arbitrary external URL. This can be exploited for phishing attacks against healthcare...

6.1CVSS5.6AI score0.00176EPSS
Exploits1References2
OSV
OSV
added 2026/02/25 1:34 a.m.5 views

CVE-2026-24847 OpenEMR has Open Redirect in Eye Exam Form

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, the Eye Exam form module allows any authenticated user to be redirected to an arbitrary external URL. This can be exploited for phishing attacks against healthcare...

6.1CVSS5.7AI score0.00176EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2026/02/25 1:18 a.m.2 views

CVE-2025-69231

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, a stored cross-site scripting vulnerability in the GAD-7 anxiety assessment form allows authenticated users with clinician privileges to inject malicious JavaScript tha...

8.7CVSS5.1AI score0.04197EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2026/02/25 1:18 a.m.6 views

CVE-2025-69231 OpenEMR has a Stored XSS in GAD-7 Form that Enables Session Hijacking and Privilege Escalation

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, a stored cross-site scripting vulnerability in the GAD-7 anxiety assessment form allows authenticated users with clinician privileges to inject malicious JavaScript tha...

8.7CVSS5.3AI score0.04197EPSS
Exploits1References4
Cvelist
Cvelist
added 2026/02/25 1:18 a.m.24 views

CVE-2025-69231 OpenEMR has a Stored XSS in GAD-7 Form that Enables Session Hijacking and Privilege Escalation

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, a stored cross-site scripting vulnerability in the GAD-7 anxiety assessment form allows authenticated users with clinician privileges to inject malicious JavaScript tha...

8.7CVSS0.04197EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/02/25 1:18 a.m.4 views

CVE-2025-69231 OpenEMR has a Stored XSS in GAD-7 Form that Enables Session Hijacking and Privilege Escalation

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, a stored cross-site scripting vulnerability in the GAD-7 anxiety assessment form allows authenticated users with clinician privileges to inject malicious JavaScript tha...

8.7CVSS5.8AI score0.04197EPSS
Exploits1References2
EUVD
EUVD
added 2026/02/25 1:18 a.m.4 views

EUVD-2025-208106

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, a stored cross-site scripting vulnerability in the GAD-7 anxiety assessment form allows authenticated users with clinician privileges to inject malicious JavaScript tha...

8.7CVSS5.1AI score0.04197EPSS
Exploits1References2
CVE
CVE
added 2026/02/25 1:18 a.m.17 views

CVE-2025-69231

CVE-2025-69231 affects OpenEMR prior to version 8.0.0. A stored cross-site scripting vulnerability exists in the GAD-7 anxiety assessment form that allows authenticated users with clinician privileges to inject JavaScript executed when other users view the form, enabling session hijacking, accoun...

8.7CVSS5.1AI score0.04197EPSS
Exploits1References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/02/25 12:0 a.m.5 views

PT-2026-21984

Name of the Vulnerable Software and Affected Versions OpenEMR versions prior to 8.0.0 Description OpenEMR is an electronic health records and medical practice management application. Versions prior to 8.0.0 do not properly verify user authorization when accessing Layout-Based Form LBF printable...

6.5CVSS5.2AI score0.0026EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2026/02/25 12:0 a.m.5 views

PT-2026-21823

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, the Eye Exam form module allows any authenticated user to be redirected to an arbitrary external URL. This can be exploited for phishing attacks against healthcare...

6.1CVSS5.6AI score0.00176EPSS
Exploits1References3
CNNVD
CNNVD
added 2026/02/25 12:0 a.m.7 views

OpenEMR 跨站脚本漏洞

OpenEMR is a set of open-source medical management systems developed by the OpenEMR community. This system can be used for medical practice management, electronic medical records, prescription writing, and medical billing applications. Versions of OpenEMR prior to 8.0.0 contained a cross-site...

8.7CVSS5.6AI score0.04197EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/02/25 12:0 a.m.9 views

OpenEMR 输入验证错误漏洞

OpenEMR is a set of open-source medical management systems developed by the OpenEMR community. This system can be used for medical practice management, electronic medical records, prescription writing, and medical billing applications. Prior to OpenEMR 8.0.0, there was a vulnerability related to...

6.1CVSS5.9AI score0.00176EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/02/25 12:0 a.m.9 views

OpenEMR 安全漏洞

OpenEMR is a set of open-source medical management systems developed by the OpenEMR community. This system can be used for medical practice management, electronic medical records, prescription writing, and medical billing applications. Versions of OpenEMR prior to 8.0.0 contained security...

6.5CVSS5.8AI score0.0026EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/02/25 12:0 a.m.9 views

n8n 安全漏洞

n8n is an open-source, scalable workflow automation tool developed by n8n. Versions of n8n prior to 2.10.1, 2.9.3, and 1.123.22 contained security vulnerabilities. These vulnerabilities stemmed from second-order expression injections in the Form node, which could allow unverified attackers to...

9.5CVSS7AI score0.01074EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/02/25 12:0 a.m.9 views

PT-2026-21980

Name of the Vulnerable Software and Affected Versions OpenEMR versions prior to 8.0.0 Description OpenEMR is an electronic health records and medical practice management application. A stored cross-site scripting XSS issue exists in the function responsible for displaying form answers. An...

7.2CVSS5.1AI score0.00165EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2026/02/25 12:0 a.m.12 views

PT-2026-22028

Name of the Vulnerable Software and Affected Versions n8n versions prior to 2.10.1 n8n versions prior to 2.9.3 n8n versions prior to 1.123.22 Description A second-order expression injection exists in Form nodes. This allows an unauthenticated attacker to inject and evaluate arbitrary expressions ...

9.5CVSS7.4AI score0.01074EPSS
Exploits0References35
CNNVD
CNNVD
added 2026/02/25 12:0 a.m.8 views

OpenEMR 跨站脚本漏洞

OpenEMR is a set of open-source medical management systems developed by the OpenEMR community. This system can be used for medical practice management, electronic medical records, prescription writing, and medical billing applications. Versions of OpenEMR prior to 8.0.0 contained a cross-site...

7.2CVSS5.8AI score0.00165EPSS
Exploits1References2
Rows per page
Query Builder