An issue in open-emr before v.7.0.2 allows a remote malicious user to escalate privileges via a crafted script to the formid parameter in the ereq_form.php component.