Reflected XSS in interface/forms/eye_mag/view.php in OpenEMR 5.x before 5.0.2.1 allows a remote attacker to execute arbitrary code in the context of a user's session via the pid parameter.
- Discovered: September 24, 2019
- Pull Request Issued: September 24, 2019
- Reported: September 24, 2019
- OpenEMR Merged Pull Request: September 24, 2019
- CVE ID issued: October 24, 2019
- OpenEMR Release: October 10, 2019 (5.0.2.1)
Fixed-In Version: 5.0.2.1
Affected Versions:
- 5.0.1
- 5.0.1.1
- 5.0.1.2
- 5.0.1.3
- 5.0.1.4
- 5.0.1.5
- 5.0.1.6
- 5.0.1.7
- 5.0.2
Will Porter, Lodestone Security (https://www.lodestonesecurity.com/)
Assuming OpenEMR is running on localhost:
http://localhost/openemr/interface/forms/eye_mag/view.php?pid="><script>alert(%27pid%20xss%27);</script><"&id=1
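
The class of fix for this kind of reflection, as an added example that is not OpenEMR's code or the merged patch. It assumes pid is reflected inside a double-quoted HTML attribute (suggested by the leading `">` in the URL above) and that pid is a numeric patient id; all function names are hypothetical.

```php
<?php
declare(strict_types=1);

// Added illustration only; this is NOT OpenEMR's view.php.
// All function names are hypothetical.

// Vulnerable pattern: request value copied into a double-quoted
// attribute with no validation or encoding.
function render_pid_unsafe(string $raw): string
{
    return '<input type="hidden" name="pid" value="' . $raw . '">';
}

// Assumption: pid is a positive numeric patient id, so accept digits only.
function parse_pid(?string $raw): ?int
{
    if ($raw === null || !ctype_digit($raw) || strlen($raw) > 9) {
        return null;
    }
    $pid = (int) $raw;
    return $pid > 0 ? $pid : null;
}

// Hardened: validate first, then still encode for the attribute context
// (ENT_QUOTES covers both single and double quotes).
function render_pid_safe(?string $raw): ?string
{
    $pid = parse_pid($raw);
    if ($pid === null) {
        return null; // caller should answer 400 and render nothing
    }
    $encoded = htmlspecialchars((string) $pid, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    return '<input type="hidden" name="pid" value="' . $encoded . '">';
}

// Value of pid from the URL above, after URL decoding.
$payload = '"><script>alert(\'pid xss\');</script><"';

echo render_pid_unsafe($payload), PHP_EOL;  // markup escapes the value attribute
var_dump(render_pid_safe($payload));        // payload is rejected by parse_pid
echo render_pid_safe('42'), PHP_EOL;        // legitimate id renders normally
// Where a reflected field must stay free-form, encoding alone keeps it inert:
echo htmlspecialchars($payload, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'), PHP_EOL;
```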