N/A

In OpenEMR, versions 5.0.2 to 6.0.0 are vulnerable to Stored Cross-Site-Scripting (XSS) due to user input not being validated properly and rendered in the U2F USB Device authentication method page. A highly privileged attacker could inject arbitrary code into input fields when creating a new user.

N/A

N/A

OpenEMR 跨站脚本漏洞

OpenEMR是OpenEMR（Openemr）社区的一套开源的医疗管理系统。该系统可用于医疗实践管理、电子医疗记录、处方书写和医疗帐单申请。 OpenEMR versions 5.0.2 to 6.0.0 存在跨站脚本漏洞，该漏洞源于用户输入没有得到正确的验证。

N/A

N/A