2 matches found
OpenEMR 5.0.2 < 6.0.0.1 Multiple XSS Vulnerabilities
OpenEMR is prone to multiple cross-site scripting XSS vulnerabilities. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
CVE-2021-25918
In OpenEMR, versions 5.0.2–6.0.0 are vulnerable to a Stored XSS flaw caused by unvalidated user input rendered on the TOTP Authentication page. A highly privileged attacker could inject arbitrary code into input fields when creating a new user. The CVE entry provides no exploitation status or rem...