Skip to content
Jelajahi lebih banyak situs InterSystems:
South Africa
Afrika Selatan
United States
Amerika Serikat
Middle East Region
Asia Tenggara
Australia New Zealand
Australia & Selandia Baru
Benelux
Benelux:
Benelux:
Brazil
Brasil
Chile
Chile
China
China
Finland
Finlandia
Hungary
Hongaria
United Kingdom Ireland
Inggris Raya & Irlandia
indonesian flag
Indonesia
Italy
Italia
Japan
Jepang
Germany
Jerman
France
Prancis
Czech Republic
Republik Ceko
Spain
Spanyol
Sweden
Swedia
Middle East Region
Timur Tengah
Jelajahi lebih banyak situs InterSystems:
South Africa
Afrika Selatan
United States
Amerika Serikat
Middle East Region
Asia Tenggara
Australia New Zealand
Australia & Selandia Baru
Benelux
Benelux:
Benelux:
Brazil
Brasil
Chile
Chile
China
China
Finland
Finlandia
Hungary
Hongaria
United Kingdom Ireland
Inggris Raya & Irlandia
indonesian flag
Indonesia
Italy
Italia
Japan
Jepang
Germany
Jerman
France
Prancis
Czech Republic
Republik Ceko
Spain
Spanyol
Sweden
Swedia
Middle East Region
Timur Tengah
Telusuri untuk mempelajari tentang produk dan solusi InterSystems, peluang karier, dan banyak lagi.
Home
Peringatan & Saran Produk
Advisory: Cross-site Scripting Issue in the Clinical Viewer

Advisory: Cross-site Scripting Issue in the Clinical Viewer

02 March, 2022

March 1, 2022 – Advisory: Cross-site Scripting Issue in the Clinical Viewer

InterSystems has corrected a defect which could allow Cross-site scripting (XSS). A crafted payload within certain URI Parameters or HTTP POST Body can lead to arbitrary JavaScript execution in the Clinical Viewer in Health Share Information Exchange 2018.1 and Unified Care Record 2019.1.

The correction for this defect is identified as HSCV-8103/HSCV-8550. It is available via ad hoc change file or full kit distribution from the Worldwide Response Center (WRC). All affected customers are encouraged to request and apply the correction. The correction is included in version 2019.2 and all later product releases.
RELATED TOPICS
HealthShare

Latest Alerts & Advisories

17 April, 2025
Peringatan & Saran Produk
InterSystems Security Public Notification
InterSystems has addressed security vulnerabilities that impact applications using OAuth2 Client configurations on InterSystems IRIS, InterSystems IRIS for Health, HealthShare, HealthShare HealthConnect, TrakCare, Caché, and Ensemble. Remediation steps and additional guidance documentation are available from the InterSystems Worldwide Response Center (WRC).
More
02 April, 2025
Peringatan & Saran Produk
April 2, 2025 – Alert: InterSystems IRIS 2024.3 – AIX JSON Parsing Issue & IntegratedML Incompatibilities
Product & Versions Affected Explicit Requirements DP-439207 InterSystems IRIS® data platform 2024.3 (AIX) AIX installations Using JSON processing and Unicode non-Latin-1 character sets DP-439280 InterSystems IRIS 2024.3 (containers with IntegratedML) IntegratedML Containers using TensorFlow
More
04 March, 2025
Peringatan & Saran Produk
Advisory: Patient Access Events Should Be Recorded by Client ID for CMS-0057
This problem affects the following products:
More
04 March, 2025
Peringatan & Saran Produk
Advisory: Patient Delete API Now Available
This problem affects the following products:
More
04 March, 2025
Peringatan & Saran Produk
Advisory: FHIR Server Search Chaining May Return Incomplete or Incorrect Results on Certain Parameters
This problem affects the following products:
More
04 March, 2025
Peringatan & Saran Produk
Advisory: FHIR Session Flush Can Result in Consent Failure
This problem affects the following products:
More
04 March, 2025
Peringatan & Saran Produk
Advisory: DSUB ATNA Logging Creates Orphaned Messages and Global Growth
This problem affects the following products:
More
04 March, 2025
Peringatan & Saran Produk
Advisory: Clinical Viewer User Security Group May Be Incorrect When Under Heavy Load
This problem affects the following products:
More
04 March, 2025
Peringatan & Saran Produk
Advisory: Non-Unique Aggregation Keys Can Cause Key Collisions on Pure Query Edge Gateways
This problem affects the following products:
More
04 March, 2025
Peringatan & Saran Produk
Advisory: Error in the Matching Weight for Name Frequency when Using a Non-Default Locale in Patient Index
This problem affects the following products:
More