{"id":85984,"date":"2025-12-07T18:57:49","date_gmt":"2025-12-07T18:57:49","guid":{"rendered":""},"modified":"-0001-11-30T00:00:00","modified_gmt":"-0001-11-30T06:00:00","slug":"cve-2025-32794-stored-cross-site-scripting-vulnerability-in-openemr","status":"publish","type":"post","link":"https:\/\/www.ameeba.com\/blog\/cve-2025-32794-stored-cross-site-scripting-vulnerability-in-openemr\/","title":{"rendered":"<strong>CVE-2025-32794: Stored Cross-Site Scripting Vulnerability in OpenEMR<\/strong>"},"content":{"rendered":"<p><strong>Overview<\/strong><\/p>\n<p>The report discusses a stored cross-site scripting (XSS) vulnerability in OpenEMR, an open-source electronic health records and medical practice management application. The vulnerability, identified as CVE-2025-32794, affects versions prior to 7.0.3.4 and has a high impact due to its potential to compromise systems or leak sensitive data.<\/p>\n<p><strong>Vulnerability Summary<\/strong><\/p>\n<p>CVE ID: CVE-2025-32794<br \/>\nSeverity: High (CVSS: 7.6)<br \/>\nAttack Vector: Stored Cross-Site Scripting (XSS)<br \/>\nPrivileges Required: Low (Authenticated user with patient creation privileges)<br \/>\nUser Interaction: Required (Viewing the patient&#8217;s encounter under Orders \u2192 Procedure Orders)<br \/>\nImpact: Potential system compromise or data leakage<\/p>\n<p><strong>Affected Products<\/strong><\/p>\n<table>\n<thead>\n<tr>\n<th>Product<\/th>\n<th>Affected Versions<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td>OpenEMR<\/td>\n<td>Versions prior to 7.0.3.4<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p><strong>How the Exploit Works<\/strong><\/p>\n<p>The exploit involves an authenticated user with patient creation privileges injecting arbitrary JavaScript code into the First and Last Name fields during patient registration. 
Because these fields are stored without adequate output encoding, the payload executes later, when another user views the patient&#8217;s encounter under Orders \u2192 Procedure Orders.<\/p>\n<p><strong>Conceptual Example Code<\/strong><\/p>\n<p>The following is a conceptual example of how an attacker might attempt to exploit this vulnerability:<\/p>\n<pre><code class=\"\" data-line=\"\">POST \/patient\/registration HTTP\/1.1\nHost: vulnerablehospital.example.com\nContent-Type: application\/json\n\n{\n&quot;first_name&quot;: &quot;&lt;script&gt;\/*malicious JavaScript code*\/&lt;\/script&gt;&quot;,\n&quot;last_name&quot;: &quot;&lt;script&gt;\/*malicious JavaScript code*\/&lt;\/script&gt;&quot;\n}<\/code><\/pre>\n<p><strong>Mitigation<\/strong><\/p>\n<p>Users are strongly advised to apply the vendor patch, which is included in OpenEMR version 7.0.3.4. In the interim, a Web Application Firewall (WAF) or Intrusion Detection System (IDS) can provide temporary mitigation.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Overview The report discusses a stored cross-site scripting (XSS) vulnerability in OpenEMR, an open-source electronic health records and medical practice management application. The vulnerability, identified as CVE-2025-32794, affects versions prior to 7.0.3.4 and has a high impact due to its potential to compromise systems or leak sensitive data. 
Vulnerability Summary CVE ID: CVE-2025-32794 Severity: High [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"om_disable_all_campaigns":false,"footnotes":""},"categories":[],"tags":[],"vendor":[],"product":[],"attack_vector":[],"asset_type":[],"severity":[],"exploit_status":[],"class_list":["post-85984","post","type-post","status-publish","format-standard","hentry"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/posts\/85984","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/comments?post=85984"}],"version-history":[{"count":0,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/posts\/85984\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/media?parent=85984"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/categories?post=85984"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/tags?post=85984"},{"taxonomy":"vendor","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/vendor?post=85984"},{"taxonomy":"product","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/product?post=85984"},{"taxonomy":"attack_vector","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/attack_vector?post=85984"},{"taxonomy":"asset_type","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/asset_type?post=85984"},{"taxonomy":"severity","embeddable":true,"href"
:"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/severity?post=85984"},{"taxonomy":"exploit_status","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/exploit_status?post=85984"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}