Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
CDA.xsl in HL7 C-CDA 1.1 and earlier allows remote attackers to discover potentially sensitive URLs via a crafted reference element that triggers creation of an IMG element with an arbitrary URL in its SRC attribute, leading to information disclosure in a Referer log.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
HL7 C-CDA 信息泄露漏洞
Vulnerability Description
HL7 C-CDA是美国Health Level Seven组织开发的一套用于医疗行业的以交换文档为目的的临床文档结构,也是一种指定结构和语意的文档标记标准,它可对信息对象进行定义,如文本、图像、声音和其它多媒体内容。 HL7 C-CDA 1.1及之前版本的CDA.xsl文件中存在安全漏洞。远程攻击者可利用该漏洞发现敏感的URL。
CVSS Information
N/A
Vulnerability Type
N/A