CVE-2022-29940

In LibreHealth EHR 2.0.0, lack of sanitization of the GET parameters formseq and formid in interface\orders\findorderpopup.php leads to multiple cross-site scripting XSS vulnerabilities...

LibreHealth EHR 跨站脚本漏洞

LibreHealth EHR is a clinically-focused Electronic Health Record EHR system designed to be easy to use out-of-the-box or customized for use in a variety of healthcare settings. A security vulnerability exists in LibreHealth EHR 2.0.0, which stems from the lack of filter escaping for the GET...