Uploaded image for project: 'OpenMRS Core'
  1. OpenMRS Core
  2. TRUNK-3940

Multiple Stored XSS via Concept Name

    XMLWordPrintable

    Details

    • Complexity:
      Undetermined
    • Sprint:
      OpenMRS Platform 1.11 Sprint 1

      Description

      Security
      patientDashboard.form
      (Graphs tab can display XSS'd Concept Name (search Find Concepts))
      dictionary/concept.form (viewing XSS'd Concept Name)

        Gliffy Diagrams

          Attachments

            Issue Links

            caused

            Bug - A problem which impairs or prevents the functions of the product. HTML-569 HTML character codes are displayed in new HTML form

            • TBD - To Be Determined. Prioritization is not yet established.
            • Closed

              Activity

                People

                Assignee:
                wyclif Wyclif Luyima
                Reporter:
                patandre Andrea Patterson
                Votes:
                0 Vote for this issue
                Watchers:
                8 Start watching this issue

                  Dates

                  Created:
                  Updated:
                  Resolved:

                    Time Tracking

                    Estimated:
                    Original Estimate - 4 hours
                    4h
                    Remaining:
                    Time Spent - 2 hours, 30 minutes Remaining Estimate - 1 hour, 30 minutes
                    1h 30m
                    Logged:
                    Time Spent - 2 hours, 30 minutes Remaining Estimate - 1 hour, 30 minutes
                    2h 30m