Skip to content
Jelajahi lebih banyak situs InterSystems:
South Africa
Afrika Selatan
United States
Amerika Serikat
Middle East Region
Asia Tenggara
Australia New Zealand
Australia & Selandia Baru
Benelux
Benelux:
Benelux:
Brazil
Brasil
Chile
Chile
China
China
Finland
Finlandia
Hungary
Hongaria
United Kingdom Ireland
Inggris Raya & Irlandia
indonesian flag
Indonesia
Italy
Italia
Japan
Jepang
Germany
Jerman
France
Prancis
Czech Republic
Republik Ceko
Spain
Spanyol
Sweden
Swedia
Middle East Region
Timur Tengah
Jelajahi lebih banyak situs InterSystems:
South Africa
Afrika Selatan
United States
Amerika Serikat
Middle East Region
Asia Tenggara
Australia New Zealand
Australia & Selandia Baru
Benelux
Benelux:
Benelux:
Brazil
Brasil
Chile
Chile
China
China
Finland
Finlandia
Hungary
Hongaria
United Kingdom Ireland
Inggris Raya & Irlandia
indonesian flag
Indonesia
Italy
Italia
Japan
Jepang
Germany
Jerman
France
Prancis
Czech Republic
Republik Ceko
Spain
Spanyol
Sweden
Swedia
Middle East Region
Timur Tengah
Telusuri untuk mempelajari tentang produk dan solusi InterSystems, peluang karier, dan banyak lagi.
Home
Peringatan & Saran Produk
Advisory: HealthShare URL Redirect Abuse

Advisory: HealthShare URL Redirect Abuse

26 Juni, 2023

This problem affects the following products:

  • HealthShare Unified Care Record: all version up to and including 2022.2

A single user interface page has been identified as a vector for URL redirect abuse in the HealthShare Unified Care Record versions listed. URL redirect abuse is associated with phishing scams and attempts to steal user credentials.

The CVSS 3.1 base score for this vulnerability has been calculated to be 5.4 with the following vector string:

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

This has been corrected as of version 2023.1.

The correction for this defect is identified as HSIEO-6980, which will be included in all future product releases. It is also available via Ad hoc change file (patch) or full kit distribution by contacting the Worldwide Response Center (WRC).
RELATED TOPICS
HealthShare

Latest Alerts & Advisories

11 Juni, 2025
Advisory: Namespace Switching and Global Display Failures
Advisory ID Product & Versions Affected Risk Category & Score Explicit Requirements DP-439649 Products:
buttonText
21 Mei, 2025
Peringatan & Saran Produk
Advisory: XDS.b Document Repository Should Be Notify and Query
This issue affects all versions of HealthShare®:
buttonText
21 Mei, 2025
Peringatan & Saran Produk
Advisory: Transform May Discard HL7 Medication Administration Instructions in FHIR Output
This problem affects the following products:
buttonText
21 Mei, 2025
Peringatan & Saran Produk
Advisory: Session Timeout Ineffective for Navigation Application and Clinical Viewer
This problem affects the following products:
buttonText
21 Mei, 2025
Peringatan & Saran Produk
Advisory: A Second Care Plan Using the Same Patient and Template Prevents Deletion of the Original Care Plan
This problem affects the following products:
buttonText
21 Mei, 2025
Peringatan & Saran Produk
Advisory: Manual Step for ODS Mirror Upgrade
This problem affects the following products:
buttonText
21 Mei, 2025
Peringatan & Saran Produk
Advisory: PIX Manager Process Causes Requests to Be Associated with Wrong User
This problem affects the following products:
buttonText
21 Mei, 2025
Peringatan & Saran Produk
Advisory: Portal Login Failures with HealthShare Federated SSO
This problem affects the following products:
buttonText
21 Mei, 2025
Peringatan & Saran Produk
Advisory: Error Handling for Patient Registry MPIID Mismatch
This problem affects the following products:
buttonText
21 Mei, 2025
Peringatan & Saran Produk
Advisory: Upgrade Process May Be Delayed Due to OAuth2.0 Metadata Purge
This problem affects the following products:
buttonText