CVE-2026-46518
7.7 HIGHOpenEMR is a free and open source electronic health records and medical practice management application
Published: 2026-06-10 · Last updated: 2026-06-10
Severity and scoring
- CVSS
- 7.7 HIGH
- Vector
- CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:N
- CWE
- CWE-79, CWE-862
Description
OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0.1, a stored cross-site scripting vulnerability in the prescription CSS/HTML multi-print feature allows a patient portal user to execute arbitrary JavaScript in a clinician's browser session. Patient demographic fields (name, address) are rendered without output encoding in multiprintcss_header(), and portal patients can write attacker-controlled HTML directly into patient_data by calling the PUT api/patient/:num endpoint, which bypasses the intended audit review workflow. Because the XSS fires in the clinician's authenticated session on the main OpenEMR interface, the attacker can access CSRF tokens, session data, and perform actions as the clinician — crossing the patient-to-clinician trust boundary. This issue has been patched in version 8.0.0.1.
Source: NVD
References
Related CVEs
Same CWE
- CVE-2025-8444 — The Animation Addons for Elementor – GSAP Powered Elementor Addons & Website Templates plugin for WordPress is vulnerable to DOM-Based St... (6.4 MEDIUM)
- CVE-2026-26237 — A missing authorization vulnerability has been reported to affect QuMagie
- CVE-2026-41003 — An attacker able to influence values in RelyingPartyRegistration may be able to run arbitrary code on HTML forms generated by Spring Secu... (7.6 HIGH)
- CVE-2026-34417 — OSCAL-GUI contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to execute arbitrary JavaScript i... (6.1 MEDIUM)
- CVE-2026-25860 — OpenClinic GA 5.351.19 contains a reflected cross-site scripting vulnerability in the DICOM image upload handler that allows attackers to... (6.1 MEDIUM)