CVE-2023-23637

IMPatienT before 1.5.2 allows stored XSS via onmouseover in certain text fields within a PATCH /modify_onto request to the ontology builder. This may allow attackers to steal Protected Health Information.
Configurations

Configuration 1

cpe:2.3:a:unistra:impatient:*:*:*:*:*:*:*:*

Information

Published : 2023-01-17 09:15

Updated : 2023-01-25 02:29


NVD link : CVE-2023-23637

Mitre link : CVE-2023-23637

Products Affected
No products.
CWE