Количество 2
Количество 2
CVE-2019-12741
XSS exists in the HAPI FHIR testpage overlay module of the HAPI FHIR library before 3.8.0. The attack involves unsanitized HTTP parameters being output in a form page, allowing attackers to leak cookies and other sensitive information from ca/uhn/fhir/to/BaseController.java via a specially crafted URL. (This module is not generally used in production systems so the attack surface is expected to be low, but affected systems are recommended to upgrade immediately.)
GHSA-52mh-p2m2-w625
Cross-site Scripting in HAPI FHIR
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2019-12741 XSS exists in the HAPI FHIR testpage overlay module of the HAPI FHIR library before 3.8.0. The attack involves unsanitized HTTP parameters being output in a form page, allowing attackers to leak cookies and other sensitive information from ca/uhn/fhir/to/BaseController.java via a specially crafted URL. (This module is not generally used in production systems so the attack surface is expected to be low, but affected systems are recommended to upgrade immediately.) | CVSS3: 6.1 | 0% Низкий | больше 6 лет назад |
| GHSA-52mh-p2m2-w625 Cross-site Scripting in HAPI FHIR | CVSS3: 6.1 | 0% Низкий | больше 6 лет назад |
Уязвимостей на страницу