VYPR
Unrated severityNVD Advisory· Published Mar 31, 2025· Updated Mar 31, 2025

OpenEMR allows Reflected XSS in CAMOS new.php

CVE-2025-29772

Description

OpenEMR is a free and open source electronic health records and medical practice management application. The POST parameter hidden_subcategory is output to the page without being properly processed. This leads to a reflected cross-site scripting (XSS) vul;nerability in CAMOS new.php. This vulnerability is fixed in 7.0.3.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Openemr/Openemrllm-fuzzy2 versions
    <7.0.3+ 1 more
    • (no CPE)range: <7.0.3
    • (no CPE)range: < 7.0.3

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.