← back
CVE-2018-1000020

CVE-2018-1000020

EPSS 0.7%
OpenEMR version 5.0.0 contains a Cross Site Scripting (XSS) vulnerability in open-flash-chart.swf and _posteddata.php that can result in . This vulnerability appears to have been fixed in 5.0.0 Patch 2 or higher.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://www.sec-consult.com/en/blog/advisories/os-command-injection-reflected-cross-site-scripting-in-openemr/index.htmlhttp://www.open-emr.org/wiki/index.php/OpenEMR_Patches