Medium severity5.4NVD Advisory· Published May 5, 2022· Updated Jun 17, 2026
CVE-2022-29939
CVE-2022-29939
Description
In LibreHealth EHR 2.0.0, lack of sanitization of the GET parameters debug and InsId in interface\billing\sl_eob_process.php leads to multiple cross-site scripting (XSS) vulnerabilities.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- LibreHealth/LibreHealth EHRdescription
- Range: = 2.0.0
Patches
Vulnerability mechanics
References
3- nitroteam.kz/index.phpnvdExploitThird Party Advisory
- github.com/LibreHealthIO/lh-ehr/tagsnvdThird Party Advisory
- gitlab.com/librehealth/ehr/lh-ehr/-/tagsnvdThird Party Advisory
News mentions
0No linked articles in our index yet.