CVE-2025-69231
CVE-2025-69231 affects OpenEMR prior to version 8.0.0. A stored cross-site scripting vulnerability exists in the GAD-7 anxiety assessment form that allows authenticated users with clinician privileges to inject JavaScript executed when other users view the form, enabling session hijacking, accoun...