HIGH 7.7

CVE-2026-46518: OpenEMR Stored XSS in Prescription Multi-Print Feature

OpenEMR versions before 8.0.0.1 contain a stored cross-site scripting (XSS) flaw in the prescription multi-print feature that allows a patient portal user to inject malicious code into a clinician's browser session. By manipulating patient demographic fields through the API, an attacker can execute arbitrary JavaScript when a clinician views prescription reports, potentially compromising the clinician's session and enabling unauthorized access to patient records or system actions.

Source data · NVD / CISA · public domain

CVSS
3.1 · 7.7 HIGH · CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:N
Weaknesses (CWE)
CWE-79, CWE-862
Affected products
1 configuration(s)
Published / Modified
2026-06-10 / 2026-06-17

NVD description (verbatim)

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0.1, a stored cross-site scripting vulnerability in the prescription CSS/HTML multi-print feature allows a patient portal user to execute arbitrary JavaScript in a clinician's browser session. Patient demographic fields (name, address) are rendered without output encoding in multiprintcss_header(), and portal patients can write attacker-controlled HTML directly into patient_data by calling the PUT api/patient/:num endpoint, which bypasses the intended audit review workflow. Because the XSS fires in the clinician's authenticated session on the main OpenEMR interface, the attacker can access CSRF tokens, session data, and perform actions as the clinician — crossing the patient-to-clinician trust boundary. This issue has been patched in version 8.0.0.1.

2 reference(s) · View on NVD →

SEC.co analysis · AI-assisted, reviewed against source

Technical summary

CVE-2026-46518 is a stored XSS vulnerability in OpenEMR's multiprintcss_header() function. Patient demographic fields (name, address) are rendered without output encoding in the prescription CSS/HTML multi-print feature. The vulnerability is exploitable because portal patients can submit attacker-controlled HTML via the PUT api/patient/:num endpoint, bypassing the intended audit review workflow. When a clinician generates or views a multi-print prescription report, the injected payload executes in their authenticated browser session, allowing session hijacking and privilege escalation from patient to clinician context. The vulnerability spans network-accessible attack surface with low attack complexity due to reliance on user interaction (clinician viewing the report).

Business impact

This vulnerability creates a direct threat to clinician workflows and patient data confidentiality. An attacker with patient portal access can compromise a clinician's authenticated session, gaining the ability to view, modify, or exfiltrate sensitive patient health information. The cross-session attack vector is particularly dangerous in healthcare settings because it enables a low-privilege user (patient) to perform high-privilege actions (clinician-level access), violating fundamental trust boundaries in medical practice management. Organizations could face HIPAA compliance failures, legal liability, and erosion of patient trust.

Affected systems

OpenEMR versions prior to 8.0.0.1 are affected. The vulnerability requires patient portal access and clinician interaction with the multi-print prescription feature, so organizations where clinicians regularly generate multi-page prescription reports are at higher risk. Any OpenEMR deployment allowing external patient portal access is potentially vulnerable.

Exploitability

Exploitation requires an attacker to possess valid patient portal credentials and for a clinician to subsequently view a multi-print prescription report containing the injected payload. The attack is not trivial to exploit in the wild because it depends on social engineering or timing (waiting for a clinician to access the affected feature), but the barrier is moderate rather than high. Once the clinician accesses the report, code execution is reliable. No known public exploit code has been identified in the KEV catalog, but the mechanism is straightforward enough that exploitation is practical for motivated threat actors with healthcare targeting objectives.

Remediation

Upgrade OpenEMR to version 8.0.0.1 or later, which patches the vulnerability by implementing proper output encoding in the multiprintcss_header() function and likely strengthening input validation on the patient API endpoint. Organizations unable to patch immediately should restrict patient portal access to trusted users, disable the multi-print prescription feature if operationally feasible, and implement Web Application Firewall (WAF) rules to detect suspicious patient_data API submissions. Monitor clinician sessions for anomalous activity following prescription report generation.

Patch guidance

Apply OpenEMR update 8.0.0.1 or later as soon as feasible. If your organization operates a staged deployment, prioritize patching environments where patient portal access is enabled. Before patching production systems, test in a non-production environment to ensure compatibility with customizations or extensions. Verify patch application by confirming version number and reviewing release notes for confirmation that multiprintcss_header() output encoding has been implemented.

Detection guidance

Monitor for suspicious API calls to PUT api/patient/:num with HTML or script-like payloads in demographic fields. Log and alert on clinician access to multi-print prescription reports immediately following unusual patient portal activity. Use browser-based security monitoring to detect XSS execution in clinician sessions (DOM mutations, unexpected JavaScript execution). Review OpenEMR audit logs for patient profile modifications by non-administrative accounts. Consider deploying a WAF rule to sanitize or block HTML entities in patient demographic API submissions.

Why prioritize this

This vulnerability merits high priority due to the severity of cross-session privilege escalation in a healthcare context. Although exploitation requires patient portal access and clinician interaction, the impact—unauthorized access to sensitive health information and potential manipulation of medical records—justifies rapid remediation. Organizations should prioritize patching if their workflows involve regular multi-print prescription generation.

Risk score, explained

The CVSS 3.1 score of 7.7 (HIGH) reflects the combination of network-accessible attack surface, low-to-medium attack complexity (user interaction required), low privileges required (patient account), and high impact on confidentiality and integrity. The score appropriately captures the severity while acknowledging that successful exploitation depends on clinician interaction and valid patient credentials. The cross-session trust boundary violation elevates business risk beyond the numeric score.

Frequently asked questions

Can an attacker exploit this without a patient portal account?

No. The vulnerability requires the attacker to authenticate to the patient portal and submit a malicious payload via the API endpoint. Anonymous exploitation is not possible. However, if your OpenEMR instance allows public patient registration, obtaining a portal account may not require significant barriers.

What data can an attacker access or modify after exploiting this vulnerability?

Once the attacker's JavaScript executes in the clinician's session, the attacker inherits the clinician's privileges. This could include access to any patient records the clinician can view, prescription data, medical history, and potentially the ability to modify records or perform administrative actions depending on the clinician's role. The scope depends entirely on the clinician's permissions.

Are versions after 8.0.0.1 also patched?

Yes. The patch is included in version 8.0.0.1 and should be present in all subsequent versions. Always verify your current version and upgrade to the latest available release.

If we have WAF protection, do we still need to patch?

WAF is a useful compensating control but should not replace patching. A well-tuned WAF may block some exploitation attempts, but it is not a complete substitute for fixing the underlying vulnerability. Patching remains the primary remediation.

This analysis is provided for informational purposes to support vulnerability assessment and remediation efforts. Organizations are responsible for verifying patch applicability to their specific OpenEMR deployment and testing patches in non-production environments before production deployment. The information herein should not be construed as legal or compliance advice. Consult vendor advisories and your internal security team before taking remediation actions. SEC.co makes no warranties regarding the completeness or accuracy of this intelligence beyond publicly available source data. Source: NVD (public-domain), retrieved 2026-07-19. Analysis generated by SEC.co (claude-haiku-4-5).