Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Cross-site scripting (XSS) vulnerability in CDA.xsl in HL7 C-CDA 1.1 and earlier allows remote attackers to inject arbitrary web script or HTML via a crafted reference element within a nonXMLBody element.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
HL7 C-CDA 跨站脚本漏洞
Vulnerability Description
HL7 C-CDA是美国Health Level Seven(HL7)组织开发的一套用于医疗行业的以交换文档为目的的临床文档结构,也是一种指定结构和语意的文档标记标准,它可对信息对象进行定义,如文本、图像、声音和其它多媒体内容。 HL7 C-CDA 1.1及之前版本的CDA.xsl文件中存在跨站脚本漏洞。远程攻击者可通过提供特制的nonXMLBody元素的参考链接利用该漏洞注入任意Web脚本或HTML。
CVSS Information
N/A
Vulnerability Type
N/A