.. / CVE-2023-2948

Exploit for OpenEMR < 7.0.1 - Cross-Site Scripting (CVE-2023-2948)

Description:

Cross-site Scripting (XSS) - Reflected in GitHub repository openemr/openemr prior to 7.0.1.

Nuclei Template

View the template here CVE-2023-2948.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2023/CVE-2023-2948.yaml
Copy

References:

https://nvd.nist.gov/vuln/detail/CVE-2023-2948
https://huntr.com/bounties/3842486f-38b1-4150-9f78-b81d0ae580c4
https://github.com/openemr/openemr/commit/af1ecf78d1342519791bda9d3079e88f7d859015