CVE-2014-5452
CVE-2014-5452 affects HL7 C-CDA 1.1 and earlier via the CDA.xsl stylesheet. The underlying issue is that CDA.xsl does not anticipate invalid C-CDA documents with crafted XML attributes, enabling a remote XSS when a document contains a table improperly handled during unrestricted xsl:copy operatio...