9 matches found
CVE-2026-32125
OpenEMR is a free and open source electronic health records and medical practice management application. Prior to 8.0.0.1, track/item names from the Track Anything feature are stored from user input POST and later rendered in Dygraph charts titles/labels using innerHTML or equivalent without...
CVE-2026-32125
OpenEMR is a free and open source electronic health records and medical practice management application. Prior to 8.0.0.1, track/item names from the Track Anything feature are stored from user input POST and later rendered in Dygraph charts titles/labels using innerHTML or equivalent without...
CVE-2026-32125 OpenEMR: Stored XSS in Track Anything Graphs via Unescaped Dygraph Titles/Labels
OpenEMR is a free and open source electronic health records and medical practice management application. Prior to 8.0.0.1, track/item names from the Track Anything feature are stored from user input POST and later rendered in Dygraph charts titles/labels using innerHTML or equivalent without...
CVE-2026-32125 OpenEMR: Stored XSS in Track Anything Graphs via Unescaped Dygraph Titles/Labels
OpenEMR is a free and open source electronic health records and medical practice management application. Prior to 8.0.0.1, track/item names from the Track Anything feature are stored from user input POST and later rendered in Dygraph charts titles/labels using innerHTML or equivalent without...
CVE-2026-32125
OpenEMR is a free and open source electronic health records and medical practice management application. Prior to 8.0.0.1, track/item names from the Track Anything feature are stored from user input POST and later rendered in Dygraph charts titles/labels using innerHTML or equivalent without...
CVE-2026-32125 OpenEMR: Stored XSS in Track Anything Graphs via Unescaped Dygraph Titles/Labels
OpenEMR is a free and open source electronic health records and medical practice management application. Prior to 8.0.0.1, track/item names from the Track Anything feature are stored from user input POST and later rendered in Dygraph charts titles/labels using innerHTML or equivalent without...
CVE-2026-32125
OpenEMR vulnerability CVE-2026-32125: Stored XSS in Track Anything Graphs due to unescaped Dygraph titles/labels. Prior to version 8.0.0.1, track item names stored from user input (POST) are rendered via innerHTML or equivalent, allowing a user who can create/edit items to inject script that exec...
OpenEMR 跨站脚本漏洞
OpenEMR is a set of open-source medical management systems developed by the OpenEMR community. This system can be used for medical practice management, electronic medical records, prescription writing, and medical billing applications. Versions of OpenEMR prior to 8.0.0.1 contained a cross-site...
PT-2026-24846
OpenEMR is a free and open source electronic health records and medical practice management application. Prior to 8.0.0.1, track/item names from the Track Anything feature are stored from user input POST and later rendered in Dygraph charts titles/labels using innerHTML or equivalent without...