Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in eClinicalWorks Patient Portal 7.0 build 13. This is a reflected Cross Site Scripting vulnerability which affects the raceMasterList.jsp page within the Patient Portal. Inserted payload is rendered within the Patient Portal and the raceMasterList.jsp page does not require authentication. The vulnerability can be used to extract sensitive information or perform attacks against the user's browser. The vulnerability affects the raceMasterList.jsp page and the following parameter: race.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
eClinicalWorks Patient Portal 跨站脚本漏洞
Vulnerability Description
eClinicalWorks Patient Portal是美国eClinicalWorks公司的一款应用于医疗领域的产品,该产品为患者提供了一个安全的查看他们的个人健康记录(PHR)和查看化验结果等的通信方式。 eClinicalWorks Patient Portal 7.0 build 13版本中的raceMasterList.jsp脚本存在跨站脚本漏洞。攻击者可利用该漏洞获取敏感信息。
CVSS Information
N/A
Vulnerability Type
N/A