5 matches found
OpenEMR 跨站脚本漏洞
OpenEMR is a set of open-source medical management systems developed by the OpenEMR community. This system can be used for medical practice management, electronic medical records, prescription writing, and medical billing applications. Versions of OpenEMR prior to 8.0.0.3 contained a cross-site...
CVE-2026-33932
OpenEMR prior to v8.0.0.3 has a stored XSS in the CCDA document preview. The XSL sanitization does not neutralize linkHtml attributes, allowing href="javascript:..." and event handlers to pass through, enabling arbitrary JavaScript in a clinician’s browser when previewing a CCDA document. Version...
CVE-2026-33932 OpenEMR has Stored XSS in CCDA Preview via Unsanitized linkHtml Attributes
OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0.3, a stored cross-site scripting vulnerability in the CCDA document preview allows an attacker who can upload or send a CCDA document to execute arbitrary JavaScript in ...
CVE-2026-33932 OpenEMR has Stored XSS in CCDA Preview via Unsanitized linkHtml Attributes
OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0.3, a stored cross-site scripting vulnerability in the CCDA document preview allows an attacker who can upload or send a CCDA document to execute arbitrary JavaScript in ...
PT-2026-28152
OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0.3, a stored cross-site scripting vulnerability in the CCDA document preview allows an attacker who can upload or send a CCDA document to execute arbitrary JavaScript in ...