There are several pages in the RA that are vulnerable to XSS attacks. The vulnerability can be reproduced when creating a patient with JS specified in the surname and address fields; see https://talk.openmrs.org/t/xss-vulnerability-in-openmrs-2-x-ui/698, https://talk.openmrs.org/t/xss-still-possible-in-registration-summary-edit-section-page/26729 and several other pages under the 'Configure Metadata' and 'System Administration' apps.
There are more vulnerabilities mentioned at http://packetstormsecurity.com/files/128748
It would be worth investigating other vulnerable areas in the UI.
- The page https://wiki.openmrs.org/x/h5UvAg should have a section documenting how to escape user-entered content using UiUtils.escape* methods, with examples
- The specific vulnerability mentioned in https://talk.openmrs.org/t/xss-vulnerability-in-openmrs-2-x-ui/698 is fixed
- A new ticket exists to go through the whole 2.x UI and clean up XSS vulnerabilities
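An added illustration of the context-specific escaping that the criteria above ask to have documented. It is not OpenMRS code and not the UiUtils implementation: the helper names `escapeHtml`, `escapeAttribute` and `escapeJsString`, the `renderPatientSummary` function and the sample patient are assumptions constructed here. It shows the same user-entered surname and address needing different encoding in an HTML body, a quoted attribute and an inline script string.

```javascript
// Hypothetical helpers for illustration; not the OpenMRS UiUtils implementation.
const HTML_ENTITIES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };

// HTML body context: text placed between tags.
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (c) => HTML_ENTITIES[c]);
}

// Quoted attribute context: encode every non-alphanumeric code point.
function escapeAttribute(value) {
  return String(value).replace(/[^A-Za-z0-9]/gu,
    (c) => `&#x${c.codePointAt(0).toString(16)};`);
}

// JS string literal inside an inline <script>: anything outside a small
// allow-list becomes \uXXXX, so quotes, backslashes, "<", "/" and line
// terminators can neither end the string nor close the script element.
function escapeJsString(value) {
  return String(value).replace(/[^A-Za-z0-9 ,.]/g,
    (c) => '\\u' + c.charCodeAt(0).toString(16).padStart(4, '0'));
}

// Each field is encoded for the context it lands in, at output time.
function renderPatientSummary(patient) {
  return [
    `<span class="surname">${escapeHtml(patient.surname)}</span>`,
    `<input name="address" value="${escapeAttribute(patient.address)}">`,
    `<script>var surname = "${escapeJsString(patient.surname)}";</script>`,
  ].join('\n');
}

// Constructed sample input: markup in the surname, quotes in the address.
const samplePatient = {
  surname: '<script>alert(1)</script>',
  address: 'Flat "B", 1 Main St',
};

console.log(renderPatientSummary(samplePatient));
```

The escaped JS string still decodes to the original surname in the browser, so legitimate names containing quotes or apostrophes display unchanged.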
We should create subtasks for (groups of) vulnerabilities, and let people fix them in parallel.
|escapeJs vulnerable to XSS||Ready for Work||Unassigned|