Stream: Announcements
Topic: XSS Vulnerabllity in HAPI FHIR Testpage Module
James Agnew (Nov 19 2020 at 02:38):
Hi All,
To any users of the HAPI FHIR Testpage module (i.e. the web module that powers hapi.fhir.org and similar implementations): A Cross Site Scripting (XSS) vulnerability has been reported against HAPI FHIR 5.0.0 and below, and is fixed in HAPI FHIR 5.1.0.
Users of the Testpage module are advised to upgrade immediately.
Please bring any discussion around this announcement to the Privacy & Security stream here: https://chat.fhir.org/#narrow/stream/179247-Security-and.20Privacy/topic/XSS.20Vulnerability.20in.20HAPI.20FHIR.20Testpage.20Overlay
Last updated: Apr 12 2022 at 19:14 UTC
