CVE-2017-6394
Multiple Cross-Site Scripting XSS issues were discovered in OpenEMR 5.0.0 and 5.0.1-dev. The vulnerabilities exist due to insufficient filtration of user-supplied data passed to the "openemr-master/gacl/admin/objectsearch.php" URL sectionvalue; srcform. An attacker could execute arbitrary HTML an...