漏洞描述
OpenEMR存在反射型跨站脚本漏洞。此漏洞是由于对fee_sheet_options_ajax.php站点的输入数据验证不正确导致的。
OpenEMR fee_sheet_options_ajax.php 反射型跨站脚本漏洞
PoC代码
暂无相关漏洞推荐
- POC CVE-2012-0991: OpenEMR 4.1 - Local File Inclusion
- POC CVE-2019-14530: OpenEMR <5.0.2 - Local File Inclusion
- POC CVE-2022-2733: Openemr < 7.0.0.1 - Cross-Site Scripting
- POC CVE-2023-2948: OpenEMR < 7.0.1 - Cross-Site Scripting
- POC CVE-2023-2949: OpenEMR < 7.0.1 - Cross-site Scripting
- POC openemr-default-login: OpenEMR - Default Admin Discovery
- POC openemr-default-login: OpenEMR - Default Admin Discovery
- POC openemr-setup-installer: OpenEMR Setup Installation Page - Exposure
- POC openemr-detect: OpenEMR Product Registration Panel - Detect
- OpenEMR new_comprehensive_save.php 存储型跨站脚本漏洞
- OpenEMR Rules CVE-2022-1179跨站脚本漏洞
- OpenEMR C_DocumentCategory.class.php存储型跨站脚本漏洞
- OpenEMR CVE-2022-24643跨站脚本漏洞