CVE-2025-35034

Medical Informatics Engineering Enterprise Health is affected by a reflected cross-site scripting vulnerability in the portlet_user_id URL parameter. A remote, unauthenticated attacker can craft a URL to execute arbitrary JavaScript in a victim’s browser. The issue is fixed as of 2025-03-14. Acco...