11 matches found
CVE-2021-25921
In OpenEMR, versions 2.7.3-rc1 to 6.0.0 are vulnerable to Stored Cross-Site-Scripting XSS due to user input not being validated properly in the Allergies section. An attacker could lure an admin to enter a malicious payload and by that initiate the exploit...
CVE-2021-25921
In OpenEMR, versions 2.7.3-rc1 to 6.0.0 are vulnerable to Stored Cross-Site-Scripting XSS due to user input not being validated properly in the Allergies section. An attacker could lure an admin to enter a malicious payload and by that initiate the exploit...
Cross site scripting
In OpenEMR, versions 2.7.3-rc1 to 6.0.0 are vulnerable to Stored Cross-Site-Scripting XSS due to user input not being validated properly in the Allergies section. An attacker could lure an admin to enter a malicious payload and by that initiate the exploit...
CVE-2021-25921
In OpenEMR, versions 2.7.3-rc1 to 6.0.0 are vulnerable to Stored Cross-Site-Scripting XSS due to user input not being validated properly in the Allergies section. An attacker could lure an admin to enter a malicious payload and by that initiate the exploit...
CVE-2021-25921
OpenEMR versions 2.7.3-rc1 to 6.0.0 are affected by a Stored Cross-Site Scripting (XSS) vulnerability in the Allergies section caused by insufficient validation of user input. An attacker could lure an administrator into submitting a malicious payload, enabling the exploit. The CVE entry cites CV...
CVE-2021-25921
In OpenEMR, versions 2.7.3-rc1 to 6.0.0 are vulnerable to Stored Cross-Site-Scripting XSS due to user input not being validated properly in the Allergies section. An attacker could lure an admin to enter a malicious payload and by that initiate the exploit...
OpenEMR 跨站脚本漏洞
OpenEMR is a medical practice management software that also supports electronic medical records EMR. A stored cross-site scripting vulnerability exists in OpenEMR version 2.7.3-rc1 - 6.0.0. The vulnerability stems from the Allergies section not properly validating user input. An attacker can...
CVE-2020-36011
A cross-site scripting XSS issue in Add Patient Form in QDOCS Smart Hospital Management System 3.1 allows a remote attacker to inject arbitrary code via the Name, Guardian Name, Email, Address, Remarks, or Any Known Allergies field...
Cross site scripting
A cross-site scripting XSS issue in Add Patient Form in QDOCS Smart Hospital Management System 3.1 allows a remote attacker to inject arbitrary code via the Name, Guardian Name, Email, Address, Remarks, or Any Known Allergies field...
CVE-2020-36011
A cross-site scripting XSS issue in Add Patient Form in QDOCS Smart Hospital Management System 3.1 allows a remote attacker to inject arbitrary code via the Name, Guardian Name, Email, Address, Remarks, or Any Known Allergies field...
CVE-2020-36011
A cross-site scripting XSS issue in Add Patient Form in QDOCS Smart Hospital Management System 3.1 allows a remote attacker to inject arbitrary code via the Name, Guardian Name, Email, Address, Remarks, or Any Known Allergies field...