CVE-2025-67491 | OpenEMR up to 7.0.3 Billing Interface json_encode data cross site scripting (GHSA-5fq8-jwvw-3m5w)

A vulnerability has been found in OpenEMR up to 7.0.3 and classified as problematic. This vulnerability affects the function json_encode of the component Billing Interface. The manipulation of the argument data leads to cross site scripting.

This vulnerability is referenced as CVE-2025-67491. Remote exploitation of the attack is possible. No exploit is available.

The affected component should be upgraded.VulDB Recent EntriesRead More