{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-12T07:32:27.615","vulnerabilities":[{"cve":{"id":"CVE-2026-33912","sourceIdentifier":"security-advisories@github.com","published":"2026-03-25T23:17:10.497","lastModified":"2026-03-26T16:24:01.077","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0.3, an authenticated attacker could craft a malicious form that, when submitted by a victim, executes arbitrary JavaScript in the victim's browser session. Version 8.0.0.3 patches the issue."},{"lang":"es","value":"OpenEMR es una aplicación gratuita y de código abierto de registros de salud electrónicos y gestión de prácticas médicas. Antes de la versión 8.0.0.3, un atacante autenticado podría crear un formulario malicioso que, al ser enviado por una víctima, ejecuta JavaScript arbitrario en la sesión del navegador de la víctima. La versión 8.0.0.3 corrige el problema."}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:open-emr:openemr:*:*:*:*:*:*:*:*","versionEndExcluding":"8.0.0.3","matchCriteriaId":"E3E098AF-42A1-4798-85A7-80052F19F809"}]}]}],"references":[{"url":"https://github.com/openemr/openemr/commit/24dd47c3e4936a6ddd064924d17b0273c6ac4b66","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/openemr/openemr/commit/ae2a9e5edb8c88b9b0dff5969fd3aa98225f047e","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/openemr/openemr/releases/tag/v8_0_0_3","source":"security-advisories@github.com","tags":["Product"]},{"url":"https://github.com/openemr/openemr/security/advisories/GHSA-cpph-949w-w79v","source":"security-advisories@github.com","tags":["Vendor Advisory"]}]}}]}