A vulnerability in flashcanvas.swf in OpenEMR before 5.0.1 Patch 6 could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack on a targeted system.Referenceshttps://www.open-emr.org/wiki/index.php/OpenEMR_Patcheshttps://www.purplemet.com/blog/openemr-xss-vulnerability
