CVE-2021-4289

CVE-2021-4289 affects OpenMRS openmrs-module-referenceapplication up to version 2.11.x. The vulnerability lies in the post function of UserAppPageController.java (parameter AppId) enabling cross-site scripting and can be exploited remotely. A fix is available in OpenMRS referenceapplication 2.12....

CVE-2021-4288

The CVE-2021-4288 issue affects OpenMRS OpenMRS module referenceapplication up to version 2.11.x, with cross-site scripting stemming from how omod/src/main/webapp/pages/userApp.gsp is handled. The vulnerability can be exploited remotely, and upgrading to version 2.12.0 addresses the issue (patch:...

CVE-2021-4288 OpenMRS openmrs-module-referenceapplication userApp.gsp cross site scripting

A vulnerability was found in OpenMRS openmrs-module-referenceapplication up to 2.11.x. It has been rated as problematic. This issue affects some unknown processing of the file omod/src/main/webapp/pages/userApp.gsp. The manipulation leads to cross site scripting. The attack may be initiated...

OpenMRS 跨站脚本漏洞

OpenMRS is an open source electronic medical record system from OpenMRS, Inc. in the United States. OpenMRS openmrs-module-referenceapplication A cross-site scripting vulnerability exists in OpenMRS openmrs-module-referenceapplication versions prior to 2.12.0, which originates in the component Us...