Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.3
CVE-2014-3861
- EPSS 1.49%
- Veröffentlicht 02.09.2014 10:55:04
- Zuletzt bearbeitet 06.05.2026 22:30:45
Cross-site scripting (XSS) vulnerability in CDA.xsl in HL7 C-CDA 1.1 and earlier allows remote attackers to inject arbitrary web script or HTML via a crafted reference element within a nonXMLBody element.
4.3
CVE-2014-3862
- EPSS 1.31%
- Veröffentlicht 02.09.2014 10:55:04
- Zuletzt bearbeitet 06.05.2026 22:30:45
CDA.xsl in HL7 C-CDA 1.1 and earlier allows remote attackers to discover potentially sensitive URLs via a crafted reference element that triggers creation of an IMG element with an arbitrary URL in its SRC attribute, leading to information disclosure...
4.3
CVE-2014-5452
- EPSS 2.05%
- Veröffentlicht 02.09.2014 10:55:04
- Zuletzt bearbeitet 06.05.2026 22:30:45
CDA.xsl in HL7 C-CDA 1.1 and earlier does not anticipate the possibility of invalid C-CDA documents with crafted XML attributes, which allows remote attackers to conduct XSS attacks via a document containing a table that is improperly handled during ...
1