Stream: Announcements
Topic: HAPI Alert
Grahame Grieve (Jun 07 2019 at 12:32):
A quick note that a security research team discovered and disclosed a potential XSS vulnerability in the hapi-fhir-testpage-overlay module (otherwise known as the end-user UI that powers http://hapi.fhir.org ). This vulnerability affects versions of this module below 3.8.0 (and is resolved in 3.8.0). Affected users are advised to upgrade immediately.
Please see the following link for more details: https://nvd.nist.gov/vuln/detail/CVE-2019-12741
Last updated: Apr 12 2022 at 19:14 UTC
