I found an application security issue in interface/fax/fax_view.php of OpenEMR v5_0_1_4 and likely earlier versions.
The vulnerability exists due to a lack of sanitation of user-supplied input. The vulnerability allows attackers to execute javascript on remotely authenticated users via the 'file' and 'scan' parameters.
I found an application security issue in interface/fax/fax_view.php of OpenEMR v5_0_1_4 and likely earlier versions.
The vulnerability exists due to a lack of sanitation of user-supplied input. The vulnerability allows attackers to execute javascript on remotely authenticated users via the 'file' and 'scan' parameters.
Proof of Concept URL 'file' parameter:
http://192.168.246.144/openemr-5.0.1/interface/fax/fax_view.php?file=%3Csvg/onload=alert(1)%3E
Proof of Concept URL 'scan' parameter:
http://192.168.246.144/openemr-5.0.1/interface/fax/fax_view.php?scan=%3Csvg/onload=alert(1)%3E
The text was updated successfully, but these errors were encountered: