5 matches found
EUVD-2025-9332
Malicious code in bioql PyPI...
CVE-2025-31121
OpenEMR is a free and open source electronic health records and medical practice management application. Prior to 7.0.3.1, the Patient Image feature in OpenEMR is vulnerable to cross-site scripting attacks via the EXIF title in an image. This vulnerability is fixed in 7.0.3.1...
CVE-2025-31121
OpenEMR's Patient Image feature (EXIF title) is vulnerable to cross-site scripting prior to version 7.0.3.1. Affected component: Patient Image handling in OpenEMR. Root cause: unsanitized EXIF title in uploaded images enables XSS. Impact: CVE-2025-31121 indicates attacker-executed script in vulne...
PT-2025-14119 · Openemr · Openemr
Name of the Vulnerable Software and Affected Versions: OpenEMR versions prior to 7.0.3.1 Description: The Patient Image feature in OpenEMR is vulnerable to cross-site scripting attacks via the EXIF title in an image. Recommendations: For versions prior to 7.0.3.1, update to version 7.0.3.1 to...
CVE-2025-31117 OpenEMR Out-of-Band Server-Side Request Forgery (OOB SSRF) Vulnerability
OpenEMR is a free and open source electronic health records and medical practice management application. An Out-of-Band Server-Side Request Forgery (OOB SSRF) vulnerability was identified in OpenEMR, allowing an attacker to force the server to make unauthorized requests to external or internal...