CVE-2017-7990

2017-04-21T00:59:00
ID CVE-2017-7990
Type cve
Reporter cve@mitre.org
Modified 2017-04-26T16:51:00

Description

The Reporting Module 1.12.0 for OpenMRS allows CSRF attacks with resultant XSS, in which administrative authentication is hijacked to insert JavaScript into a name field in webapp/reports/manageReports.jsp.