HAPI FHIR TestPage Overlay is vulnerable to cross-site scripting (XSS). The parameters passed through the HTTP request to be displayed in a form page are not sanitized, allowing an attacker to inject a malicious script.
CPE | Name | Operator | Version |
---|---|---|---|
hapi fhir testpage overlay | le | 3.7.0 |