XPath injection vulnerability in Epic MyChart allows remote attackers to access contents of an XML document containing static display strings, such as field labels, via the topic parameter to help.asp. NOTE: this was originally reported as a SQL injection vulnerability, but this may be inaccurate.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2018-02-20T15:00:00
Updated: 2024-08-06T01:22:20.818Z
Reserved: 2016-07-22T00:00:00
Link: CVE-2016-6272
Vulnrichment
No data.
NVD
Status : Modified
Published: 2018-02-20T15:29:00.243
Modified: 2024-11-21T02:55:47.837
Link: CVE-2016-6272
Redhat
No data.