Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Hl7 Security Vulnerabilities

cve
cve

CVE-2014-3861

Cross-site scripting (XSS) vulnerability in CDA.xsl in HL7 C-CDA 1.1 and earlier allows remote attackers to inject arbitrary web script or HTML via a crafted reference element within a nonXMLBody element.

5.8AI Score

0.002EPSS

2014-09-02 10:55 AM
17
cve
cve

CVE-2014-3862

CDA.xsl in HL7 C-CDA 1.1 and earlier allows remote attackers to discover potentially sensitive URLs via a crafted reference element that triggers creation of an IMG element with an arbitrary URL in its SRC attribute, leading to information disclosure in a Referer log.

6.5AI Score

0.004EPSS

2014-09-02 10:55 AM
19
cve
cve

CVE-2014-5452

CDA.xsl in HL7 C-CDA 1.1 and earlier does not anticipate the possibility of invalid C-CDA documents with crafted XML attributes, which allows remote attackers to conduct XSS attacks via a document containing a table that is improperly handled during unrestricted xsl:copy operations.

6.1AI Score

0.004EPSS

2014-09-02 10:55 AM
31
cve
cve

CVE-2023-24057

HL7 (Health Level 7) FHIR Core Libraries before 5.6.92 allow attackers to extract files into arbitrary directories via directory traversal from a crafted ZIP or TGZ archive (for a prepackaged terminology cache, NPM package, or comparison archive).

8.1CVSS

7.5AI Score

0.002EPSS

2023-01-26 09:18 PM
71