CVE-2017-7990

The Reporting Module 1.12.0 for OpenMRS allows CSRF attacks with resultant XSS, in which administrative authentication is hijacked to insert JavaScript into a name field in webapp/reports/manageReports.jsp.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:openmrs:openmrs_module_reporting:1.12.0:*:*:*:*:*:*:*

Information

Published : 2017-04-20 17:59

Updated : 2017-04-26 09:51


NVD link : CVE-2017-7990

Mitre link : CVE-2017-7990


JSON object : View

CWE
CWE-352

Cross-Site Request Forgery (CSRF)

Advertisement

dedicated server usa

Products Affected

openmrs

  • openmrs_module_reporting