Skip to content
Suchen Sie nach Produkten und Lösungen von InterSystems, Karrieremöglichkeiten und mehr.

Advisory: Cross-site Scripting Issue in the Clinical Viewer

March 1, 2022 – Advisory: Cross-site Scripting Issue in the Clinical Viewer

InterSystems has corrected a defect which could allow Cross-site scripting (XSS). A crafted payload within certain URI Parameters or HTTP POST Body can lead to arbitrary JavaScript execution in the Clinical Viewer in Health Share Information Exchange 2018.1 and Unified Care Record 2019.1.

The correction for this defect is identified as HSCV-8103/HSCV-8550. It is available via ad hoc change file or full kit distribution from the Worldwide Response Center (WRC). All affected customers are encouraged to request and apply the correction. The correction is included in version 2019.2 and all later product releases.

RELATED TOPICS

Latest Alerts & Advisories

10 Jun 2025
Advisory ID Product & Versions Affected Risk Category & Score Explicit Requirements DP-439649 Products:
20 May 2025
This issue affects all versions of HealthShare®:
20 May 2025
This problem affects the following products: