CVE-2022-4502

Name of the Vulnerable Software and Affected Versions openemr versions prior to 7.0.0.2

Description The issue is related to Cross-site Scripting (XSS) - Reflected in the GitHub repository openemr/openemr. This type of attack occurs when an application includes user input in the output it sends to a browser, without properly validating or sanitizing the input. As a result, the attacker can inject malicious scripts into the output, which are then executed by the browser.

Recommendations For versions prior to 7.0.0.2, update to version 7.0.0.2 or later to resolve the issue.