4 matches found
OpenEMR Cross-Site Scripting (CVE-2022-1179)
A stored cross-site scripting vulnerability exists for OpenEMR. This vulnerability is due to improper input validation for the fldtitle parameter when creating rules...
CVE-2022-1179
Non-Privilege User Can Created New Rule and Lead to Stored Cross Site Scripting in GitHub repository openemr/openemr prior to 6.0.0.4...
CVE-2022-1179 Non-Privilege User Can Created New Rule and Lead to Stored Cross Site Scripting in openemr/openemr
Non-Privilege User Can Created New Rule and Lead to Stored Cross Site Scripting in GitHub repository openemr/openemr prior to 6.0.0.4...
CVE-2022-1179
OpenEMR CVE-2022-1179 describes a Stored XSS via the fld_title parameter in /interface/super/rules/index.php?action=edit!submit_summary. The vulnerability arises from insufficient input validation and occurs for non-privilege users creating new rules, with the risk of executing scripts in privile...