Skip to content
Upptäck fler sidor från InterSystems:
Australia New Zealand
Australien & Nya Zeeland
Benelux
Benelux:
Benelux:
Brazil
Brasilien
Chile
Chile
Finland
Finland
France
Frankrike
indonesian flag
Indonesien
Italy
Italien
Japan
Japan
China
Kina
Middle East Region
Mellanöstern
Spain
Spanien
United Kingdom Ireland
Storbritannien & Irland
Sweden
Sverige
South Africa
Sydafrika
Middle East Region
Sydostasien
Czech Republic
Tjeckien
Germany
Tyskland
Hungary
Ungern
United States
USA
Upptäck fler sidor från InterSystems:
Australia New Zealand
Australien & Nya Zeeland
Benelux
Benelux:
Benelux:
Brazil
Brasilien
Chile
Chile
Finland
Finland
France
Frankrike
indonesian flag
Indonesien
Italy
Italien
Japan
Japan
China
Kina
Middle East Region
Mellanöstern
Spain
Spanien
United Kingdom Ireland
Storbritannien & Irland
Sweden
Sverige
South Africa
Sydafrika
Middle East Region
Sydostasien
Czech Republic
Tjeckien
Germany
Tyskland
Hungary
Ungern
United States
USA
Sök för att lära dig mer om InterSystems produkter och lösningar, karriärmöjligheter med mera.
Home
Product Alerts & Advisories
Advisory: Cross-site Scripting Issue in the Clinical Viewer

Advisory: Cross-site Scripting Issue in the Clinical Viewer

Mar 01, 2022

March 1, 2022 – Advisory: Cross-site Scripting Issue in the Clinical Viewer

InterSystems has corrected a defect which could allow Cross-site scripting (XSS). A crafted payload within certain URI Parameters or HTTP POST Body can lead to arbitrary JavaScript execution in the Clinical Viewer in Health Share Information Exchange 2018.1 and Unified Care Record 2019.1.

The correction for this defect is identified as HSCV-8103/HSCV-8550. It is available via ad hoc change file or full kit distribution from the Worldwide Response Center (WRC). All affected customers are encouraged to request and apply the correction. The correction is included in version 2019.2 and all later product releases.
RELATED TOPICS
HealthShare

Latest Alerts & Advisories

Feb 10, 2026
Product Alerts & Advisories
Advisory: Custom Agreement Function Causes Error During Linkage Rebuild
This problem affects the following products:
More
Feb 10, 2026
Product Alerts & Advisories
Advisory: Deleted HealthShare Namespaces May Only Be Partially Removed from the Federation
This problem affects the following products:
More
Feb 10, 2026
Product Alerts & Advisories
Advisory: Consent Filtering Does Not Block Demographics from Appearing on a Clinician’s Recently Viewed Patient List
This problem affects the following products:
More
Feb 10, 2026
Product Alerts & Advisories
Advisory: ApplyConsent Setting for IHE Patient Query Processes is Disabled by Default
This problem affects the following products:
More
Feb 10, 2026
Product Alerts & Advisories
Advisory: Purge Task for Expire and Query Edge Gateways Does Not Delete All Expired MRNs
This problem affects the following products:
More
Feb 10, 2026
Product Alerts & Advisories
Advisory: Purge Task for Expire and Query Edge Gateways Fails to Complete Due to Streamlet Matcher Errors
This problem affects the following products:
More
Feb 10, 2026
Product Alerts & Advisories
Advisory: Database Deletion Fail-Safe Option
This problem affects all versions the following products prior to 2025.2:
More
Feb 10, 2026
Product Alerts & Advisories
Advisory: Orphaned Care Plans After Multiple Patient Merges
This problem affects the following products:
More
Feb 10, 2026
Product Alerts & Advisories
Advisory: HealthShare Does Not Support a Single Edge Gateway That Ingests Both CCDA Documents and HL7v2 Messages
This problem affects all versions of Unified Care Record and Information Exchange.
More
Feb 10, 2026
Product Alerts & Advisories
Advisory: Web Gateway Apache Web Server Logs Request PHI and Potentially the JWT Token Credential
This problem affects all versions of the following products:
More
View All Alerts & Advisories