4 matches found
The vulnerability of the phpgacl/acl_admin.tpl template in the PHP library for managing access in web applications. This is part of the phpGACL system used for managing medical documentation in OpenEMR. It allows attackers to perform cross-site scripting attacks.
The vulnerability of the phpgacl/acladmin.tpl PHP template used in the phpGACL access control library for web applications in the OpenEMR medical documentation system is related to the lack of protection for the website structure when processing the aclid template parameter. Exploiting this...
CVE-2020-13564
A cross-site scripting vulnerability exists in the template functionality of phpGACL 3.3.7. A specially crafted HTTP request can lead to arbitrary JavaScript execution. An attacker can provide a crafted URL to trigger this vulnerability in the phpGACL template aclid parameter...
CVE-2022-31493
LibreHealth EHR Base 2.0.0 allows gacl/admin/acladmin.php aclid XSS...
CVE-2020-13564
A cross-site scripting vulnerability exists in the template functionality of phpGACL 3.3.7. A specially crafted HTTP request can lead to arbitrary JavaScript execution. An attacker can provide a crafted URL to trigger this vulnerability in the phpGACL template aclid parameter...