CVE-2014-5452 in C-CDA
要約
〜によって MITRE
CDA.xsl in HL7 C-CDA 1.1 and earlier does not anticipate the possibility of invalid C-CDA documents with crafted XML attributes, which allows remote attackers to conduct XSS attacks via a document containing a table that is improperly handled during unrestricted xsl:copy operations.
Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.