CVE-2017-7990

Published: Apr 21, 2017

Modified: Sep 16, 2024

PUBLISHED

Description

The Reporting Module 1.12.0 for OpenMRS allows CSRF attacks with resultant XSS, in which administrative authentication is hijacked to insert JavaScript into a name field in webapp/reports/manageReports.jsp.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://www.youtube.com/watch?v=pfrIaNvIuFY

x_refsource_MISC

https://github.com/openmrs/openmrs-module-reporting/pull/141/commits/0023a659288538d2763835847d3414ecb18b931a#diff-50e25eddc5909110fa3d31090877c2fd

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2017-7990

Description

Affected Products

References