N/A

OpenEMR version v5_0_1_4 contains a Cross Site Scripting (XSS) vulnerability in The 'scan' parameter in line #41 of interface/fax/fax_view.php that can result in The vulnerability could allow remote authenticated attackers to inject arbitrary web script or HTML.. This attack appear to be exploitable via The victim must visit on a specially crafted URL..

N/A

N/A

OpenEMR 跨站脚本漏洞

OpenEMR是OpenEMR社区所维护的一套开源的医疗管理系统。该系统可用于医疗实践管理、电子医疗记录、处方书写和医疗帐单申请。 OpenEMR 5_0_1_4版本的interface/fax/fax_view.php文件的第41行中的‘scan’参数存在跨站脚本漏洞。远程攻击者可借助特制的URL利用该漏洞注入任意Web脚本或HTML。

N/A

N/A