Cross-site Scripting (XSS) - Stored in openemr/openemr
May 10th 2022
openemr / openemr is vulnerable to Cross-site Scripting (XSS) - Stored
Proof of Concept
// Poc <script>alert(document.cookie)</script>
Steps to reproduce:
1) Log in to the OpenEMR patient portal: https://demo.openemr.io/openemr/portal/index.php
2) Go to My Profile at https://demo.openemr.io/openemr/portal/home.php
3) Click on Pending Review.
4) Add the payload in the first name / middle name field (<script>alert(document.cookie)</script>).
5) Click Submit Changes.
6) After that we get an "Error: Patient was successfully updated" message.
7) On clicking Pending Review, the XSS will be triggered.
This vulnerability has the potential to steal a user's cookie and gain unauthorized access to that user's account through the stolen cookie.
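The fix for this class of bug is to encode the stored name fields when the review view renders them, and to keep the session cookie unreadable from script. The following is an added example, not code from OpenEMR or from this report; the function names, the array keys and the sample row are hypothetical.

```php
<?php
// Added example: hypothetical names, not OpenEMR code.

// Constructed sample: a pending profile edit as the portal might store it.
$pending = [
    'fname' => '<script>alert(document.cookie)</script>',
    'mname' => 'Ann',
    'lname' => "O'Neil",
];

// Encode a value for an HTML text node or a quoted attribute.
function h(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Vulnerable pattern: the stored value is concatenated into markup unchanged,
// so the payload from step 4 runs when the review view is opened.
function render_review_unsafe(array $row): string
{
    return '<td>' . $row['fname'] . ' ' . $row['mname'] . ' ' . $row['lname'] . '</td>';
}

// Hardened pattern: every stored field is encoded at output time,
// regardless of what validation happened when it was saved.
function render_review_safe(array $row): string
{
    $parts = array_map('h', [$row['fname'], $row['mname'], $row['lname']]);
    return '<td>' . implode(' ', $parts) . '</td>';
}

// Defense in depth for the impact described above: a cookie marked HttpOnly
// is not exposed through document.cookie. Call before session_start().
function harden_session_cookie(): void
{
    session_set_cookie_params([
        'httponly' => true,
        'secure'   => true,
        'samesite' => 'Lax',
    ]);
}

echo render_review_unsafe($pending), PHP_EOL; // markup reaches the browser as a live script tag
echo render_review_safe($pending), PHP_EOL;   // same input arrives as inert, entity-encoded text
```

HttpOnly limits cookie theft only; the injected script would still run in the reviewer's session, so output encoding remains the primary control.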