Reflected XSS in interface/forms/eye_mag/view.php in OpenEMR 5.x before 5.0.2.1 allows a remote attacker to execute arbitrary code in the context of a user's session via the pid parameter.
{ "versions": [ { "introduced": "5.0.0" }, { "fixed": "5.0.2.1" } ] }
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-16862.json"