CVE-2016-6272
CVE-2016-6272 concerns Epic MyChart, where an XPath injection vulnerability exists in the help.asp topic parameter. The underlying issue allows remote attackers to access contents of an XML document containing static display strings (e.g., field labels). The vulnerability is reported as pre-authe...