OpenEMR pc_category Cross Site Scripting Exploit

OpenEMR fails to sanitize the pc_category parameter in interface/main/calendar/index.php leading to a Cross-Site Scripting vulnerability.
Vulnerabilty ID: 
NOCVE-9999-49218
Released Date: 
Tuesday, September 6, 2011 - 19:00