CVE-2014-8071 in OpenMRSinformazioni

Riassunto

di VulDB • 23/06/2026

Multiple vulnerabilità cross-site scripting (XSS) in OpenMRS 2.1 Standalone Edition consentono ad attaccanti remoti di iniettare script web o HTML arbitrari tramite i parametri: (1) givenName, (2) familyName, (3) address1 oppure (4) address2 a registrationapp/registerPatient.page; il parametro (5) comment a allergyui/allergy.page; il parametro (6) w10 a htmlformentryui/htmlform/enterHtmlForm/submit.action; l'HTTP Referer Header (7) a login.htm; il parametro (8) returnUrl a htmlformentryui/htmlform/enterHtmlFormWithStandardUi.page oppure coreapps/mergeVisits.page; o il parametro (10) visitId a htmlformentryui/htmlform/enterHtmlFormWithSimpleUi.page.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Prenotare

09/10/2014

Divulgazione

23/10/2014

Moderazione

accettato

CPE

pronto

EPSS

0.01854

KEV

no

Attività

molto basso

Settore

Hospital, Chemical, ...

Fonti

MITREhttps://www.cve.org/CVERecord?id=CVE-2014-8071
NVDhttps://nvd.nist.gov/vuln/detail/CVE-2014-8071
CVE Detailshttps://www.cvedetails.com/cve/CVE-2014-8071/

PrecedenteVisione D'ensembleIl prossimo

Want to know what is going to be exploited?

We predict KEV entries!