CVE-2026-33346 | OpenEMR up to 8.0.0.2 portal/lib/paylib.php cross site scripting (GHSA-qvf6-6xc6-9qv7)

Inserito da Angelo Barbosa | Mar 20, 2026 | CVE

A vulnerability was found in OpenEMR up to 8.0.0.2. It has been classified as problematic. The affected element is an unknown function in the library portal/lib/paylib.php. The manipulation leads to cross site scripting.

This vulnerability is uniquely identified as CVE-2026-33346. The attack is possible to be carried out remotely. No exploit exists.

Upgrading the affected component is recommended.

CVE-2026-33346 | OpenEMR up to 8.0.0.2 portal/lib/paylib.php cross site scripting (GHSA-qvf6-6xc6-9qv7)

Post correlati

CVE-2025-9337 | ASUS Armoury Crate up to 6.3.2 AsIO3.sys null pointer dereference

CVE-2024-42348 | FOGproject FOG up to 1.5.10.41.2 Computer Registration command injection (GHSA-456c-4gw3-c9xw)

CVE-2025-15010 | Tenda WH450 1.0.0.18 /goform/SafeUrlFilter page stack-based overflow

CVE-2024-39686 | FishAudio Bert-VITS2 up to 2.3 bert_gen data_dir os command injection (GHSL-2024-045)