CVE-2017-1000240

The application OpenEMR is affected by multiple reflected & stored Cross-Site Scripting (XSS) vulnerabilities affecting version 5.0.0 and prior versions. These vulnerabilities could allow remote authenticated attackers to inject arbitrary web script or HTML. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt