CVE-2023-2949

Name of the Vulnerable Software and Affected Versions openemr/openemr versions prior to 7.0.1

Description The issue is related to Cross-site Scripting (XSS) - Reflected, which can be exploited by a remote attacker to perform inter-site script attacks. This is due to the lack of protection measures for the web page structure in the OpenEMR software for medical organization management.

Recommendations For versions prior to 7.0.1, update to version 7.0.1 or later to resolve the issue.