Skip to content
Explore more InterSystems sites:
Australia New Zealand
Australia & New Zealand
Benelux
Benelux:
Benelux:
Brazil
Brazil
Chile
Chile
China
China
Czech Republic
Czech Republic
Finland
Finland
France
France
Germany
Germany
Hungary
Hungary
indonesian flag
Indonesia
Italy
Italy
Japan
Japan
Middle East Region
Middle East
South Africa
South Africa
Middle East Region
Southeast Asia
Spain
Spain
Sweden
Sweden
United Kingdom Ireland
United Kingdom & Ireland
United States
United States
Explore more InterSystems sites:
Australia New Zealand
Australia & New Zealand
Benelux
Benelux:
Benelux:
Brazil
Brazil
Chile
Chile
China
China
Czech Republic
Czech Republic
Finland
Finland
France
France
Germany
Germany
Hungary
Hungary
indonesian flag
Indonesia
Italy
Italy
Japan
Japan
Middle East Region
Middle East
South Africa
South Africa
Middle East Region
Southeast Asia
Spain
Spain
Sweden
Sweden
United Kingdom Ireland
United Kingdom & Ireland
United States
United States
Use the search to find information about InterSystems products and solutions, career opportunities, and more.
Home
Product Alerts & Advisories
Advisory: Cross-site Scripting Vulnerability in HealthShare Patient Index

Advisory: Cross-site Scripting Vulnerability in HealthShare Patient Index

01 Mar 2022

March 1, 2022 – Advisory: Cross-site Scripting Vulnerability in HealthShare Patient Index

This issue affects HealthShare Patient Index versions 13, 14, 15.032, 2018.1, 2019.1, 2020.1 and 2020.2 and 2021.1.

A correction that addresses improper neutralization of special elements used in a command is available from the WRC as HSPI-2267.
RELATED TOPICS
HealthShare

Latest Alerts & Advisories

17 Apr 2025
Product Alerts & Advisories
InterSystems Security Public Notification
InterSystems has addressed security vulnerabilities that impact applications using OAuth2 Client configurations on InterSystems IRIS, InterSystems IRIS for Health, HealthShare, HealthShare HealthConnect, TrakCare, Caché, and Ensemble. Remediation steps and additional guidance documentation are available from the InterSystems Worldwide Response Center (WRC).
More
02 Apr 2025
Product Alerts & Advisories
April 2, 2025 – Alert: InterSystems IRIS 2024.3 – AIX JSON Parsing Issue & IntegratedML Incompatibilities
Product & Versions Affected Explicit Requirements DP-439207 InterSystems IRIS® data platform 2024.3 (AIX) AIX installations Using JSON processing and Unicode non-Latin-1 character sets DP-439280 InterSystems IRIS 2024.3 (containers with IntegratedML) IntegratedML Containers using TensorFlow
More
04 Mar 2025
Product Alerts & Advisories
Advisory: Patient Access Events Should Be Recorded by Client ID for CMS-0057
This problem affects the following products:
More
04 Mar 2025
Product Alerts & Advisories
Advisory: Patient Delete API Now Available
This problem affects the following products:
More
04 Mar 2025
Product Alerts & Advisories
Advisory: FHIR Server Search Chaining May Return Incomplete or Incorrect Results on Certain Parameters
This problem affects the following products:
More
04 Mar 2025
Product Alerts & Advisories
Advisory: FHIR Session Flush Can Result in Consent Failure
This problem affects the following products:
More
04 Mar 2025
Product Alerts & Advisories
Advisory: DSUB ATNA Logging Creates Orphaned Messages and Global Growth
This problem affects the following products:
More
04 Mar 2025
Product Alerts & Advisories
Advisory: Clinical Viewer User Security Group May Be Incorrect When Under Heavy Load
This problem affects the following products:
More
04 Mar 2025
Product Alerts & Advisories
Advisory: Non-Unique Aggregation Keys Can Cause Key Collisions on Pure Query Edge Gateways
This problem affects the following products:
More
04 Mar 2025
Product Alerts & Advisories
Advisory: Error in the Matching Weight for Name Frequency when Using a Non-Default Locale in Patient Index
This problem affects the following products:
More
View All Alerts & Advisories