Skip to content
Jelajahi lebih banyak situs InterSystems:
South Africa
Afrika Selatan
United States
Amerika Serikat
Middle East Region
Asia Tenggara
Australia New Zealand
Australia & Selandia Baru
Benelux
Benelux:
Benelux:
Brazil
Brasil
Chile
Chile
China
China
Finland
Finlandia
Hungary
Hongaria
United Kingdom Ireland
Inggris Raya & Irlandia
indonesian flag
Indonesia
Italy
Italia
Japan
Jepang
Germany
Jerman
France
Prancis
Czech Republic
Republik Ceko
Spain
Spanyol
Sweden
Swedia
Middle East Region
Timur Tengah
Jelajahi lebih banyak situs InterSystems:
South Africa
Afrika Selatan
United States
Amerika Serikat
Middle East Region
Asia Tenggara
Australia New Zealand
Australia & Selandia Baru
Benelux
Benelux:
Benelux:
Brazil
Brasil
Chile
Chile
China
China
Finland
Finlandia
Hungary
Hongaria
United Kingdom Ireland
Inggris Raya & Irlandia
indonesian flag
Indonesia
Italy
Italia
Japan
Jepang
Germany
Jerman
France
Prancis
Czech Republic
Republik Ceko
Spain
Spanyol
Sweden
Swedia
Middle East Region
Timur Tengah
Telusuri untuk mempelajari tentang produk dan solusi InterSystems, peluang karier, dan banyak lagi.
Home
Peringatan & Saran Produk
Advisory: Cross-site Scripting Issue in the Clinical Viewer

Advisory: Cross-site Scripting Issue in the Clinical Viewer

02 March, 2022

March 1, 2022 – Advisory: Cross-site Scripting Issue in the Clinical Viewer

InterSystems has corrected a defect which could allow Cross-site scripting (XSS). A crafted payload within certain URI Parameters or HTTP POST Body can lead to arbitrary JavaScript execution in the Clinical Viewer in Health Share Information Exchange 2018.1 and Unified Care Record 2019.1.

The correction for this defect is identified as HSCV-8103/HSCV-8550. It is available via ad hoc change file or full kit distribution from the Worldwide Response Center (WRC). All affected customers are encouraged to request and apply the correction. The correction is included in version 2019.2 and all later product releases.
RELATED TOPICS
HealthShare

Latest Alerts & Advisories

18 March, 2026
Peringatan & Saran Produk
Alert: Journaling Potentially Disabled for System Work Queues
Product & Versions Affected Risk Category & Score Explicit Requirements DP-449126 InterSystems IRIS® data platform
More
17 March, 2026
Peringatan & Saran Produk
Alert: System Hang with ≥ 2 TB Database Cache
Product & Versions Affected Risk Category & Score Explicit Requirements DP-448888 Products:
More
27 February, 2026
Peringatan & Saran Produk
Advisory: HealthShare Provider Directory Global Occupies Large Amount of Storage
The problem affects the following versions of HealthShare Provider Directory:
More
11 February, 2026
Peringatan & Saran Produk
Advisory: Custom Agreement Function Causes Error During Linkage Rebuild
This problem affects the following products:
More
11 February, 2026
Peringatan & Saran Produk
Advisory: Deleted HealthShare Namespaces May Only Be Partially Removed from the Federation
This problem affects the following products:
More
11 February, 2026
Peringatan & Saran Produk
Advisory: Consent Filtering Does Not Block Demographics from Appearing on a Clinician’s Recently Viewed Patient List
This problem affects the following products:
More
11 February, 2026
Peringatan & Saran Produk
Advisory: ApplyConsent Setting for IHE Patient Query Processes is Disabled by Default
This problem affects the following products:
More
11 February, 2026
Peringatan & Saran Produk
Advisory: Purge Task for Expire and Query Edge Gateways Does Not Delete All Expired MRNs
This problem affects the following products:
More
11 February, 2026
Peringatan & Saran Produk
Advisory: Purge Task for Expire and Query Edge Gateways Fails to Complete Due to Streamlet Matcher Errors
This problem affects the following products:
More
11 February, 2026
Peringatan & Saran Produk
Advisory: Database Deletion Fail-Safe Option
This problem affects all versions the following products prior to 2025.2:
More