CVE-2018-1000218
OpenEMR OpenEMR version v5_0_1_4 contains a Cross-Site Scripting (XSS) vulnerability in the file parameter of interface/fax/fax_view.php (line 43). The issue can enable remote authenticated attackers to inject arbitrary web script or HTML via a specially crafted URL. No root cause, affected versi...