Uploaded image for project: 'OpenMRS Core'
  1. OpenMRS Core
  2. TRUNK-3940

Multiple Stored XSS via Concept Name

    XMLWordPrintable

    Details

    • Complexity:
      Undetermined
    • Sprint:
      OpenMRS Platform 1.11 Sprint 1

      Description

      Security
      patientDashboard.form
      (Graphs tab can display XSS'd Concept Name (search Find Concepts))
      dictionary/concept.form (viewing XSS'd Concept Name)

        Attachments

          Issue Links

          caused

          Bug - A problem which impairs or prevents the functions of the product. HTML-569 HTML character codes are displayed in new HTML form

          • TBD - To Be Determined. Prioritization is not yet established.
          • Closed

            Activity

              People

              Assignee:
              wyclif Wyclif Luyima
              Reporter:
              patandre Andrea Patterson
              Votes:
              0 Vote for this issue
              Watchers:
              8 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved:

                  Time Tracking

                  Estimated:
                  Original Estimate - 4 hours
                  4h
                  Remaining:
                  Time Spent - 2 hours, 30 minutes Remaining Estimate - 1 hour, 30 minutes
                  1h 30m
                  Logged:
                  Time Spent - 2 hours, 30 minutes Remaining Estimate - 1 hour, 30 minutes
                  2h 30m