CVE-2020-5729

Summary

In OpenMRS 2.9 and prior, the UI Framework Error Page reflects arbitrary, user-supplied input back to the browser, which can result in XSS. Any page that is able to trigger a UI Framework Error is susceptible to this issue.

Affected Software

VendorProductVersion RangeStatus
n/aOpenMRSVersions 2.90 and prioraffected

Weaknesses

  • Cross Site Scripting

ADP Enrichment

CVE Program Container

Additional References

References