CVE-2025-25925 Information

Mar 12, 2025 cve

Description

A stored cross-scripting (XSS) vulnerability in Openmrs v2.4.3 Build 0ff0ed allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the personName.middleName parameter at /openmrs/admin/patients/shortPatientForm.form.

Reference

http://openmrs.com https://github.com/johnchd/CVEs/blob/main/OpenMRS/CVE-2025-25925%20-%20P-XSS.md

Share on: