CVE-2026-33348 | OpenEMR up to 8.0.0.3 Notes cross site scripting (GHSA-6ch2-p26g-x33h)

A vulnerability identified as problematic has been detected in OpenEMR up to 8.0.0.3. Affected by this vulnerability is an unknown functionality of the component Notes Handler. This manipulation causes cross site scripting.

This vulnerability is handled as CVE-2026-33348. The attack can be initiated remotely. There is not any exploit available.

You should upgrade the affected component.VulDB Recent EntriesRead More