Severity by source
AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N
Primary rating from GitHub Advisory · only source for this CVE.
CVSS VectorGitHub Advisory
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N
Lifecycle Timeline
2DescriptionGitHub Advisory
OpenEMR is a free and open source electronic health records and medical practice management application. Users with the Notes - my encounters role can fill Eye Exam forms in patient encounters. The answers to the form are displayed on the encounter page and in the visit history for the users with the same role. Versions prior to 8.0.0.3 have a stored cross-site scripting (XSS) vulnerability in the function to display the form answers, allowing any authenticated attacker with the specific role to insert arbitrary JavaScript into the system by entering malicious payloads to the form answers. The JavaScript code is later executed by any user with the form role when viewing the form answers in the patient encounter pages or visit history. Version 8.0.0.3 contains a patch.
AnalysisAI
A stored cross-site scripting (XSS) vulnerability exists in OpenEMR's Eye Exam form functionality that allows authenticated users with the 'Notes - my encounters' role to inject malicious JavaScript payloads through form answers. OpenEMR versions prior to 8.0.0.3 are affected. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | OpenEMR versions prior to 8.0.0.3. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The CVSS score of 8.7 (High severity) reflects a network-accessible vulnerability with low attack complexity, requiring low privileges and user interaction, with changed scope enabling high confidentiality and integrity impact. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An authenticated attacker with the 'Notes - my encounters' role accesses a patient's encounter and fills out an Eye Exam form, inserting malicious JavaScript payloads into form answer fields such as visual acuity measurements or examination notes. When other healthcare providers or administrative staff with the same role view the patient's encounter page or visit history to review the examination results, the stored JavaScript executes in their browsers, potentially stealing session cookies, capturing keystrokes containing credentials, or performing unauthorized actions like modifying patient records under the victim's authenticated session. … |
| Remediation | Upgrade OpenEMR to version 8.0.0.3 or later, which contains a patch addressing this stored XSS vulnerability (see commit at https://github.com/openemr/openemr/commit/f488efbe3eb7f17d0f057f960020cb611149f8a2 and advisory at https://github.com/openemr/openemr/security/advisories/GHSA-6ch2-p26g-x33h). … Detailed patch versions, workarounds, and compensating controls in full report. |
Recommended ActionAI
Within 24 hours: Inventory all OpenEMR instances and confirm versions; disable or restrict access to the Eye Exam form functionality if possible; alert users not to click suspicious links from encounter notifications. …
Sign in for detailed remediation steps and compensating controls.
Threat intelligence, references, and detailed analysis are available after sign-in.
Share
External POC / Exploit Code
Leaving vuln.today