OpenEMR version 4.1.1 suffers from a cross site scripting vulnerability.
2794e272098c49fab5ad0608f9d0bb8abb46fa3cfb850da04587f0f744cfa619
OpenEMR 4.1.1 (site param) Remote XSS Vulnerability
Vendor: OpenEMR
Product web page: http://www.open-emr.org
Affected version: 4.1.1
Summary: OpenEMR is a Free and Open Source electronic health records and medical
practice management application that can run on Windows, Linux, Mac OS X, and many
other platforms.
Desc: OpenEMR suffers from a XSS issue due to a failure to properly sanitize user-supplied
input to the 'site' GET parameter in the central 'globals.php' script which is called by
every script. Attackers can exploit this weakness to execute arbitrary HTML and script
code in a user's browser session.
Tested on: Microsoft Windows 7 Ultimate SP1 (EN)
Apache 2.4.2 (Win32)
PHP 5.4.4
MySQL 5.5.25a
Vulnerability discovered by Gjoko 'LiquidWorm' Krstic
@zeroscience
Advisory ID: ZSL-2013-5129
Advisory URL: http://www.zeroscience.mk/en/vulnerabilities/ZSL-2013-5129.php
Vendor: http://www.open-emr.org/wiki/index.php/OpenEMR_Patches
09.02.2013
--
http://localhost/openemr/[DIR]/[SCRIPT]?site="><script>alert(1);</script>