Date: Mon, 21 Dec 2015 22:06:56 -0500 From: David Dworken <david@...iddworken.com> To: oss-security@...ts.openwall.com Subject: CVE Request: Reflected XSS in OpenMRS Login Page Hello, OpenMRS has a reflected XSS vulnerability in the login page that is exploitable through injection into the referer header. Patch: https://github.com/ddworken/openmrs-module-referenceapplication/commit/65fefcb8dfbd069ca611ab3f17084fd8dc92a048 Thanks, David Dworken
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.