CVE-2020-24301

Cross-site Scripting in maven/ca.uhn.hapi.fhir/hapi-fhir-testpage-overlay

Identifiers

CVE-2020-24301

Package Slug

maven/ca.uhn.hapi.fhir/hapi-fhir-testpage-overlay

Vulnerability

Cross-site Scripting

Description

Users of the HAPI FHIR Testpage Overlay can use a specially crafted URL to exploit an XSS vulnerability in this module, allowing arbitrary JavaScript to be executed in the user's browser. The impact of this vulnerability is believed to be low, as this module is intended for testing and not believed to be widely used for any production purposes.

Affected Versions

All versions up to 5.0.0

Solution

Upgrade to version 5.0.1 or above.

Last Modified

2020-10-19

source