Skip to content
Explorar mais sites da InterSystems:
New Zealand
Australia & New Zealand
Benelux
Benelux:
Benelux:
Brazil
Brasil
Chile
Chile
China
China
Czech Republic
Czech Republic
Finland
Finland
France
France
Germany
Germany
Hungary
Hungary
indonesian flag
Indonesia
Italy
Italy
Japan
Japan
Middle East Region
Middle East
South Africa
South Africa
Middle East Region
Southeast Asia
Spain
Spain
Sweden
Sweden
United Kingdom Ireland
United Kingdom & Ireland
United States
United States
Explorar mais sites da InterSystems:
New Zealand
Australia & New Zealand
Benelux
Benelux:
Benelux:
Brazil
Brasil
Chile
Chile
China
China
Czech Republic
Czech Republic
Finland
Finland
France
France
Germany
Germany
Hungary
Hungary
indonesian flag
Indonesia
Italy
Italy
Japan
Japan
Middle East Region
Middle East
South Africa
South Africa
Middle East Region
Southeast Asia
Spain
Spain
Sweden
Sweden
United Kingdom Ireland
United Kingdom & Ireland
United States
United States
Pesquise para saber mais sobre produtos e soluções da InterSystems, oportunidades de carreira e muito mais.
Home
Product Alerts & Advisories
Advisory: Cross-site Scripting Issue in the Clinical Viewer

Advisory: Cross-site Scripting Issue in the Clinical Viewer

Mar 01, 2022

March 1, 2022 – Advisory: Cross-site Scripting Issue in the Clinical Viewer

InterSystems has corrected a defect which could allow Cross-site scripting (XSS). A crafted payload within certain URI Parameters or HTTP POST Body can lead to arbitrary JavaScript execution in the Clinical Viewer in Health Share Information Exchange 2018.1 and Unified Care Record 2019.1.

The correction for this defect is identified as HSCV-8103/HSCV-8550. It is available via ad hoc change file or full kit distribution from the Worldwide Response Center (WRC). All affected customers are encouraged to request and apply the correction. The correction is included in version 2019.2 and all later product releases.
RELATED TOPICS
HealthShare

Latest Alerts & Advisories

Jul 23, 2025
Product Alerts & Advisories
Advisory for IRISSECURITY in InterSystems IRIS 2025.2
InterSystems IRIS 2025.2 introduces the IRISSECURITY database, the new home for security data. Unlike IRISSYS, the previous home for security data, IRISSECURITY can be encrypted, which secures your sensitive data at rest. In a future version, IRISSECURITY will be mirrorable.
More
Jul 23, 2025
Product Alerts & Advisories
InterSystems Announces General Availability of InterSystems IRIS 2025.2
InterSystems is pleased to announce the General Availability (GA) of the 2025.2 release of InterSystems IRIS® data platform. This is a Continuous Delivery (CD) release. Please note that the GA versions of InterSystems IRIS for Health™ and HealthShare® Health Connect™ 2025.2 are currently withheld due to mirroring limitations introduced by security updates (details below).
More
Jun 10, 2025
Advisory: Namespace Switching and Global Display Failures
Advisory ID Product & Versions Affected Risk Category & Score Explicit Requirements DP-439649 Products:
More
May 20, 2025
Product Alerts & Advisories
Advisory: XDS.b Document Repository Should Be Notify and Query
This issue affects all versions of HealthShare®:
More
May 20, 2025
Product Alerts & Advisories
Advisory: Transform May Discard HL7 Medication Administration Instructions in FHIR Output
This problem affects the following products:
More
May 20, 2025
Product Alerts & Advisories
Advisory: Session Timeout Ineffective for Navigation Application and Clinical Viewer
This problem affects the following products:
More
May 20, 2025
Product Alerts & Advisories
Advisory: A Second Care Plan Using the Same Patient and Template Prevents Deletion of the Original Care Plan
This problem affects the following products:
More
May 20, 2025
Product Alerts & Advisories
Advisory: Manual Step for ODS Mirror Upgrade
This problem affects the following products:
More
May 20, 2025
Product Alerts & Advisories
Advisory: PIX Manager Process Causes Requests to Be Associated with Wrong User
This problem affects the following products:
More
May 20, 2025
Product Alerts & Advisories
Advisory: Portal Login Failures with HealthShare Federated SSO
This problem affects the following products:
More
View All Alerts & Advisories