CVE-2017-7990
The CVE-2017-7990 entry involves the OpenMRS Reporting Module 1.12.0, where a CSRF vulnerability can be abused to perform cross-site scripting. An attacker could hijack an administrative session to inject JavaScript into the name field in webapp/reports/manageReports.jsp, yielding XSS. The affect...