Skip to content
Jelajahi lebih banyak situs InterSystems:
South Africa
Afrika Selatan
United States
Amerika Serikat
Middle East Region
Asia Tenggara
Australia New Zealand
Australia & Selandia Baru
Benelux
Benelux:
Benelux:
Brazil
Brasil
Chile
Chile
China
China
Finland
Finlandia
Hungary
Hongaria
United Kingdom Ireland
Inggris Raya & Irlandia
indonesian flag
Indonesia
Italy
Italia
Japan
Jepang
Germany
Jerman
France
Prancis
Czech Republic
Republik Ceko
Spain
Spanyol
Sweden
Swedia
Middle East Region
Timur Tengah
Jelajahi lebih banyak situs InterSystems:
South Africa
Afrika Selatan
United States
Amerika Serikat
Middle East Region
Asia Tenggara
Australia New Zealand
Australia & Selandia Baru
Benelux
Benelux:
Benelux:
Brazil
Brasil
Chile
Chile
China
China
Finland
Finlandia
Hungary
Hongaria
United Kingdom Ireland
Inggris Raya & Irlandia
indonesian flag
Indonesia
Italy
Italia
Japan
Jepang
Germany
Jerman
France
Prancis
Czech Republic
Republik Ceko
Spain
Spanyol
Sweden
Swedia
Middle East Region
Timur Tengah
Telusuri untuk mempelajari tentang produk dan solusi InterSystems, peluang karier, dan banyak lagi.
Home
Peringatan & Saran Produk
Advisory: HealthShare URL Redirect Abuse

Advisory: HealthShare URL Redirect Abuse

26 Juni, 2023

This problem affects the following products:

  • HealthShare Unified Care Record: all version up to and including 2022.2

A single user interface page has been identified as a vector for URL redirect abuse in the HealthShare Unified Care Record versions listed. URL redirect abuse is associated with phishing scams and attempts to steal user credentials.

The CVSS 3.1 base score for this vulnerability has been calculated to be 5.4 with the following vector string:

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

This has been corrected as of version 2023.1.

The correction for this defect is identified as HSIEO-6980, which will be included in all future product releases. It is also available via Ad hoc change file (patch) or full kit distribution by contacting the Worldwide Response Center (WRC).
RELATED TOPICS
HealthShare

Latest Alerts & Advisories

03 September, 2025
Peringatan & Saran Produk
Alert: Upgrade Failure in IRIS 2025.1.1.308.0 due to Reserved Web Application Names
Risk Category & Score Explicit Requirements DP-442440 InterSystems IRIS ® data platform 2025.1.1.308.0 InterSystems IRIS for Health HealthShare® Health Connect Operational:
buttonText
24 Juli, 2025
Peringatan & Saran Produk
Advisory for IRISSECURITY in InterSystems IRIS 2025.2
InterSystems IRIS 2025.2 introduces the IRISSECURITY database, the new home for security data. Unlike IRISSYS, the previous home for security data, IRISSECURITY can be encrypted, which secures your sensitive data at rest. In a future version, IRISSECURITY will be mirrorable.
buttonText
24 Juli, 2025
Peringatan & Saran Produk
InterSystems Announces General Availability of InterSystems IRIS 2025.2
InterSystems is pleased to announce the General Availability (GA) of the 2025.2 release of InterSystems IRIS® data platform. This is a Continuous Delivery (CD) release. Please note that the GA versions of InterSystems IRIS for Health™ and HealthShare® Health Connect™ 2025.2 are currently withheld due to mirroring limitations introduced by security updates (details below).
buttonText
11 Juni, 2025
Advisory: Namespace Switching and Global Display Failures
Advisory ID Product & Versions Affected Risk Category & Score Explicit Requirements DP-439649 Products:
buttonText
21 Mei, 2025
Peringatan & Saran Produk
Advisory: XDS.b Document Repository Should Be Notify and Query
This issue affects all versions of HealthShare®:
buttonText
21 Mei, 2025
Peringatan & Saran Produk
Advisory: Transform May Discard HL7 Medication Administration Instructions in FHIR Output
This problem affects the following products:
buttonText
21 Mei, 2025
Peringatan & Saran Produk
Advisory: Session Timeout Ineffective for Navigation Application and Clinical Viewer
This problem affects the following products:
buttonText
21 Mei, 2025
Peringatan & Saran Produk
Advisory: A Second Care Plan Using the Same Patient and Template Prevents Deletion of the Original Care Plan
This problem affects the following products:
buttonText
21 Mei, 2025
Peringatan & Saran Produk
Advisory: Manual Step for ODS Mirror Upgrade
This problem affects the following products:
buttonText
21 Mei, 2025
Peringatan & Saran Produk
Advisory: PIX Manager Process Causes Requests to Be Associated with Wrong User
This problem affects the following products:
buttonText