Skip to content
Effectuer une recherche pour en savoir plus sur les produits et solutions InterSystems, les offres d'emploi, etc. Les résultats affichés proviennent de plusieurs sites InterSystems dont le Developer Community, la documentation produit et le sites d'E-learning et bien évidement InterSystems.com.

Advisory: Cross-site Scripting Issue in the Clinical Viewer

March 1, 2022 – Advisory: Cross-site Scripting Issue in the Clinical Viewer

InterSystems has corrected a defect which could allow Cross-site scripting (XSS). A crafted payload within certain URI Parameters or HTTP POST Body can lead to arbitrary JavaScript execution in the Clinical Viewer in Health Share Information Exchange 2018.1 and Unified Care Record 2019.1.

The correction for this defect is identified as HSCV-8103/HSCV-8550. It is available via ad hoc change file or full kit distribution from the Worldwide Response Center (WRC). All affected customers are encouraged to request and apply the correction. The correction is included in version 2019.2 and all later product releases.

RELATED TOPICS