3 matches found
CVE-2019-12741
XSS exists in the HAPI FHIR testpage overlay module of the HAPI FHIR library before 3.8.0. The attack involves unsanitized HTTP parameters being output in a form page, allowing attackers to leak cookies and other sensitive information from ca/uhn/fhir/to/BaseController.java via a specially crafte...
CVE-2019-12741
XSS exists in the HAPI FHIR testpage overlay module of the HAPI FHIR library before 3.8.0. The attack involves unsanitized HTTP parameters being output in a form page, allowing attackers to leak cookies and other sensitive information from ca/uhn/fhir/to/BaseController.java via a specially crafte...
CVE-2019-12741
The CVE-2019-12741 issue is an XSS in the HAPI FHIR testpage overlay module of the HAPI FHIR library (pre-3.8.0). Unsanitized HTTP parameters are echoed in a form page, enabling leakage of cookies and other sensitive data from ca/uhn/fhir/to/BaseController.java via a crafted URL. Impact is limite...