Lassiiiiii

**Name of the Vulnerable Software and Affected Versions** OpenEMR versions prior to 8.0.0.2 **Description** OpenEMR is an electronic health records and medical practice management application. A stored cross-site scripting (XSS) issue exists in the function used to display answers from the **Eye Exam** form. An authenticated attacker with the `Notes - my encounters` role can inject arbitrary JavaScript code into the system by providing malicious input to the form answers. This injected JavaScript is then executed when other users with the same role view the form answers within patient encounters or visit history. The vulnerable function is responsible for displaying the form answers. **Recommendations** Update to OpenEMR version 8.0.0.2 or later.

**Name of the Vulnerable Software and Affected Versions** OpenEMR versions prior to 8.0.0.2 **Description** OpenEMR is an electronic health records and medical practice management application. A file read issue exists in the PDF creation function when processing form answers as unescaped HTML. This allows an attacker to include arbitrary image files from the server in generated PDFs. The issue affects users with the `Notes - my encounters` role who can fill Eye Exam forms in patient encounters. The vulnerability is triggered when parsing form answers, potentially leading to unauthorized access to server files. The vulnerable function processes the form answers without proper sanitization. **Recommendations** Update to OpenEMR version 8.0.0.2 or later.

**Name of the Vulnerable Software and Affected Versions** OpenEMR versions prior to 8.0.0.2 **Description** OpenEMR is an electronic health records and medical practice management application. A Server-Side Request Forgery (SSRF) issue exists in the PDF creation function when processing form answers as unescaped HTML. This allows an attacker to forge requests from the server to external or internal resources. The issue affects users with the `Notes - my encounters` role who can fill Eye Exam forms in patient encounters. The vulnerability is triggered when the form answers are parsed as unescaped HTML during PDF creation. The vulnerable function is involved in processing form data for PDF generation. **Recommendations** Update OpenEMR to version 8.0.0.2 or later.

**Name of the Vulnerable Software and Affected Versions** OpenEMR versions prior to 8.0.0.2 **Description** OpenEMR is a free and open source electronic health records and medical practice management application. The application is susceptible to a stored cross-site scripting (XSS) issue. This occurs due to unescaped `portal login username` within the portal credential print view. A patient portal user can inject an XSS payload as their login username, which then executes in a clinic staff member's browser when the "Create Portal Login" page is accessed for that patient. This allows for a transition from the patient session context to the staff/admin session context. **Recommendations** Versions prior to 8.0.0.2 should be updated to version 8.0.0.2 or later.

**Name of the Vulnerable Software and Affected Versions** OpenEMR versions prior to 8.0.0 **Description** OpenEMR is an electronic health records and medical practice management application. A stored cross-site scripting (XSS) issue exists in the function responsible for displaying form answers. An authenticated attacker with the "Forms administration" role can inject arbitrary JavaScript code into the system by providing malicious input to form answers. This injected code is then executed when other users with the same role view the form answers within patient encounter pages or visit history. The vulnerable function is the one used to display form answers. **Recommendations** Update to version 8.0.0 or later.