Date: Mon, 21 Dec 2015 22:06:56 -0500 From: David Dworken <david@...iddworken.com> To: oss-security@...ts.openwall.com Subject: CVE Request: Reflected XSS in OpenMRS Login Page Hello, OpenMRS has a reflected XSS vulnerability in the login page that is exploitable through injection into the referer header. Patch: https://github.com/ddworken/openmrs-module-referenceapplication/commit/65fefcb8dfbd069ca611ab3f17084fd8dc92a048 Thanks, David Dworken
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ