OpenEMR Eye Exam Form Open Redirect Vulnerability

Vulnerability

An open redirect vulnerability has been identified in the Eye Exam form module of OpenEMR prior to version 8.0.0. The vulnerable file, 'interface/forms/eye_mag/view.php', accepts a URL in a request parameter and writes it directly into the Location header without validating it, so an attacker can cause any authenticated user who follows a crafted link to be redirected to an arbitrary external URL. Because such a link begins with the trusted OpenEMR host name, it is well suited to phishing attacks against healthcare providers using OpenEMR.
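
The following is an added illustration of the pattern described above and of a hardened replacement; it is not code from OpenEMR or from this advisory. The request parameter name `url`, the fallback path `/` and the function names are assumptions (the page does not name the actual parameter used by view.php). The hardened helper accepts only an absolute path on the current host and rejects a scheme prefix, protocol-relative and backslash forms (browsers treat `/\host` like `//host`), control characters and anything that is not a path, falling back to a fixed in-application page.

```php
<?php
// Added example, not OpenEMR's code. The request parameter name "url",
// the fallback path and the function names are assumptions for illustration.

// Vulnerable pattern: the client-supplied value is copied straight into
// the Location header, so "?url=https://evil.com/" leaves the application.
function vulnerable_location(array $get): string
{
    return 'Location: ' . ($get['url'] ?? '/');
}

// Hardened: only an absolute path on the current host is accepted;
// everything else is replaced by a fixed in-application fallback.
function safe_redirect_target(?string $candidate, string $fallback = '/'): string
{
    if ($candidate === null || $candidate === '') {
        return $fallback;
    }
    // A scheme prefix (https:, javascript:, data:) makes the target absolute.
    if (preg_match('#^[a-z][a-z0-9+.-]*:#i', $candidate)) {
        return $fallback;
    }
    // "//host", "/\host", "\\host": browsers read a backslash as a slash,
    // so all of these are protocol-relative URLs pointing at another host.
    if (preg_match('#^[/\\\\]{2}#', $candidate)) {
        return $fallback;
    }
    // Control characters (including CR/LF) have no place in a redirect target.
    if (preg_match('#[\x00-\x1f\x7f]#', $candidate)) {
        return $fallback;
    }
    // Anything that is not an absolute path ("evil.com", "../x") is rejected.
    if ($candidate[0] !== '/') {
        return $fallback;
    }
    // Belt and braces: if PHP's own parser still sees a scheme or host, bail out.
    $parts = parse_url($candidate);
    if ($parts === false || isset($parts['scheme']) || isset($parts['host'])) {
        return $fallback;
    }
    return $candidate;
}

function hardened_location(array $get): string
{
    return 'Location: ' . safe_redirect_target($get['url'] ?? null);
}

// Self-check when run from the command line: php open_redirect_example.php
if (PHP_SAPI === 'cli') {
    $cases = [
        // constructed input                  => expected hardened target
        'https://evil.com/'                   => '/',
        '//evil.com/'                         => '/',
        '/\\evil.com/'                        => '/',
        'javascript:alert(1)'                 => '/',
        "/ok\r\nSet-Cookie: session=x"        => '/',
        'evil.com'                            => '/',
        '/interface/forms/eye_mag/view.php'   => '/interface/forms/eye_mag/view.php',
    ];
    foreach ($cases as $in => $want) {
        $got = safe_redirect_target($in);
        printf("%-38s vulnerable -> %-48s hardened -> %s [%s]\n",
            json_encode($in, JSON_UNESCAPED_SLASHES),
            json_encode(vulnerable_location(['url' => $in]), JSON_UNESCAPED_SLASHES),
            $got,
            $got === $want ? 'ok' : 'FAIL');
    }
}
```

The table of cases shows why a simple "starts with a slash" test is not enough: `//evil.com/` and `/\evil.com/` both start with a slash yet are followed by the browser to another host. An allow-list of known in-application paths is stricter still and is preferable where the set of valid destinations is small.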

Impact

Exploitation of this vulnerability could facilitate phishing attacks: a link that visibly points at the organisation's own OpenEMR host can deliver an authenticated user to an attacker-controlled page, with the risk of credential theft and, as a consequence, potential violations of HIPAA compliance.

Reproduction

To reproduce this vulnerability, log into OpenEMR and navigate to the Eye Exam form module. From there, request 'interface/forms/eye_mag/view.php' with the URL parameter set to an external site such as 'https://evil.com/'. The application responds with a redirect whose Location header is the supplied value, with no validation of the target.

Remediation

Upgrade to OpenEMR version 8.0.0 or later, which addresses this vulnerability.

Added: Feb 25, 2026, 2:22 AM
Updated: Feb 25, 2026, 2:22 AM

Vulnerability Rating

Custom Algorithm
spread          4.5
impact          0.2
exploitability  7.2
remediation     7.7
relevance       3.2
threat          6.4
urgency         2.9
incentive       0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.