3 matches found
CVE-2025-30149
OpenEMR is a free and open source electronic health records and medical practice management application. OpenEMR allows reflected cross-site scripting XSS in the AJAX Script interface\super\layoutlistitemsajax.php via the target parameter. This vulnerability is fixed in 7.0.3...
CVE-2025-30149
CVE-2025-30149 concerns OpenEMR, a free/open source EHR/PM app. It describes a reflected XSS in the AJAX Script interface, specifically in layout_listitems_ajax.php accessed via the target parameter. The vulnerability’s root cause is input reflected back to the user, enabling script injection. Ac...
PT-2025-13796 · Openemr · Openemr
Name of the Vulnerable Software and Affected Versions: OpenEMR versions prior to 7.0.3 Description: The issue concerns reflected cross-site scripting XSS in the AJAX Script interface, specifically in the layout listitems ajax.php file via the target parameter. This allows for potential XSS attack...