Описание
Medical Informatics Engineering Enterprise Health has a stored cross site scripting vulnerability that allows an authenticated attacker to add arbitrary content in the 'Demographic Information' page. This content will be rendered and executed when a victim accesses it. This issue is fixed as of 2025-03-14.
Ссылки
- Vendor Advisory
- Third Party AdvisoryUS Government Resource
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:mieweb:enterprise_health:rc202309:-:*:*:*:*:*:*
cpe:2.3:a:mieweb:enterprise_health:rc202403:-:*:*:*:*:*:*
cpe:2.3:a:mieweb:enterprise_health:rc202409:-:*:*:*:*:*:*
cpe:2.3:a:mieweb:enterprise_health:rc202503:-:*:*:*:*:*:*
EPSS
Процентиль: 11%
0.00036
Низкий
3.5 Low
CVSS3
5.4 Medium
CVSS3
Дефекты
CWE-79
Связанные уязвимости
CVSS3: 3.5
github
3 месяца назад
Medical Informatics Engineering Enterprise Health has a stored cross site scripting vulnerability that allows an authenticated attacker to add arbitrary content in the 'Demographic Information' page. This content will be rendered and executed when a victim accesses it. This issue is fixed as of 2025-03-14.
EPSS
Процентиль: 11%
0.00036
Низкий
3.5 Low
CVSS3
5.4 Medium
CVSS3
Дефекты
CWE-79