VYPR
Unrated severityNVD Advisory· Published Mar 31, 2025· Updated Mar 31, 2025

OpenEMR Reflected XSS in AJAX Script

CVE-2025-30149

Description

OpenEMR is a free and open source electronic health records and medical practice management application. OpenEMR allows reflected cross-site scripting (XSS) in the AJAX Script interface\super\layout_listitems_ajax.php via the target parameter. This vulnerability is fixed in 7.0.3.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Openemr/Openemrllm-fuzzy2 versions
    <7.0.3+ 1 more
    • (no CPE)range: <7.0.3
    • (no CPE)range: < 7.0.3

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.