CVE-2021-4288
The CVE-2021-4288 issue affects OpenMRS OpenMRS module referenceapplication up to version 2.11.x, with cross-site scripting stemming from how omod/src/main/webapp/pages/userApp.gsp is handled. The vulnerability can be exploited remotely, and upgrading to version 2.12.0 addresses the issue (patch:...