Skip to content
Explore more InterSystems sites:
Australia New Zealand
Australia & New Zealand
Benelux
Benelux:
Benelux:
Brazil
Brazil
Chile
Chile
China
China
Czech Republic
Czech Republic
Finland
Finland
France
France
Germany
Germany
Hungary
Hungary
indonesian flag
Indonesia
Italy
Italy
Japan
Japan
Middle East Region
Middle East
South Africa
South Africa
Middle East Region
Southeast Asia
Spain
Spain
Sweden
Sweden
United Kingdom Ireland
United Kingdom & Ireland
United States
United States
Explore more InterSystems sites:
Australia New Zealand
Australia & New Zealand
Benelux
Benelux:
Benelux:
Brazil
Brazil
Chile
Chile
China
China
Czech Republic
Czech Republic
Finland
Finland
France
France
Germany
Germany
Hungary
Hungary
indonesian flag
Indonesia
Italy
Italy
Japan
Japan
Middle East Region
Middle East
South Africa
South Africa
Middle East Region
Southeast Asia
Spain
Spain
Sweden
Sweden
United Kingdom Ireland
United Kingdom & Ireland
United States
United States
Search to learn about InterSystems products and solutions, career opportunities, and more.
Home
Product Alerts & Advisories
Advisory: Cross-site Scripting Vulnerability in HealthShare Patient Index

Advisory: Cross-site Scripting Vulnerability in HealthShare Patient Index

Mar 01, 2022

March 1, 2022 – Advisory: Cross-site Scripting Vulnerability in HealthShare Patient Index

This issue affects HealthShare Patient Index versions 13, 14, 15.032, 2018.1, 2019.1, 2020.1 and 2020.2 and 2021.1.

A correction that addresses improper neutralization of special elements used in a command is available from the WRC as HSPI-2267.
RELATED TOPICS
HealthShare

Latest Alerts & Advisories

Apr 17, 2025
Product Alerts & Advisories
InterSystems Security Public Notification
InterSystems has addressed security vulnerabilities that impact applications using OAuth2 Client configurations on InterSystems IRIS, InterSystems IRIS for Health, HealthShare, HealthShare HealthConnect, TrakCare, Caché, and Ensemble. Remediation steps and additional guidance documentation are available from the InterSystems Worldwide Response Center (WRC).
More
Apr 02, 2025
Product Alerts & Advisories
April 2, 2025 – Alert: InterSystems IRIS 2024.3 – AIX JSON Parsing Issue & IntegratedML Incompatibilities
Product & Versions Affected Explicit Requirements DP-439207 InterSystems IRIS® data platform 2024.3 (AIX) AIX installations Using JSON processing and Unicode non-Latin-1 character sets DP-439280 InterSystems IRIS 2024.3 (containers with IntegratedML) IntegratedML Containers using TensorFlow
More
Mar 04, 2025
Product Alerts & Advisories
Advisory: Patient Access Events Should Be Recorded by Client ID for CMS-0057
This problem affects the following products:
More
Mar 04, 2025
Product Alerts & Advisories
Advisory: Patient Delete API Now Available
This problem affects the following products:
More
Mar 04, 2025
Product Alerts & Advisories
Advisory: FHIR Server Search Chaining May Return Incomplete or Incorrect Results on Certain Parameters
This problem affects the following products:
More
Mar 04, 2025
Product Alerts & Advisories
Advisory: FHIR Session Flush Can Result in Consent Failure
This problem affects the following products:
More
Mar 04, 2025
Product Alerts & Advisories
Advisory: DSUB ATNA Logging Creates Orphaned Messages and Global Growth
This problem affects the following products:
More
Mar 04, 2025
Product Alerts & Advisories
Advisory: Clinical Viewer User Security Group May Be Incorrect When Under Heavy Load
This problem affects the following products:
More
Mar 04, 2025
Product Alerts & Advisories
Advisory: Non-Unique Aggregation Keys Can Cause Key Collisions on Pure Query Edge Gateways
This problem affects the following products:
More
Mar 04, 2025
Product Alerts & Advisories
Advisory: Error in the Matching Weight for Name Frequency when Using a Non-Default Locale in Patient Index
This problem affects the following products:
More

Sign Up Today

Receive notifications on support alerts, critical issues,
fixes, and product releases.
*Required Fields
Highlighted fields are required
*Required Fields
Highlighted fields are required
By submitting this form, you give consent to receive notifications concerning support alerts, critical issues, important updates, fixes, and product releases via email. In addition, you consent to your business contact information being entered into our CRM solution that is hosted in the United States, but maintained consistent with applicable data protection laws.
**By clicking here, you give consent to be contacted for news, updates and other marketing purposes related to existing and future InterSystems products, offerings, and events.