In OpenMRS 2.9 and prior, the UI Framework Error Page reflects arbitrary, user-supplied input back to the browser, which can result in XSS. Any page that is able to trigger a UI Framework Error is susceptible to this issue.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
openmrs openmrs |