HIGH
openemr
CVE published 2026-06-10
CVE-2026-46518
CVE-2026-46518 is a high-severity vulnerability in OpenEMR, a free and open-source electronic health records application. A stored cross-site scripting (XSS) vulnerability exists in the prescription CSS/HTML multi-print feature, allowing a patient portal user to execute arbitrary JavaScript in a clinician's browser session. This is possible because patient demographic fields (name, address) are rendered w [truncated]