XSS Vulnerability in HAPI FHIR Testpage Overlay by HAPI FHIR
CVE-2020-24301
6.1MEDIUM
What is CVE-2020-24301?
The HAPI FHIR Testpage Overlay versions 5.0.0 and earlier contain a Cross-Site Scripting (XSS) vulnerability. This security flaw allows an attacker to craft a URL that executes arbitrary JavaScript code in the user’s browser. While primarily intended for testing purposes and not widely utilized in production environments, users should remain cautious, as exploitation could lead to malicious behavior leveraging the vulnerability. Refer to the GitHub issue for more information.
