CVE-2026-32118
OpenEMR prior to version 8.0.0.1 is affected by a stored XSS vulnerability in the Graphical Pain Map (clickmap) form. The issue allows any authenticated clinician to inject arbitrary JavaScript that executes in the browser of every subsequent user viewing the affected encounter form. Because sess...