CVE

Id
71157  
CVE No.
CVE-2014-3861  
Status
Candidate  
Description
Cross-site scripting (XSS) vulnerability in CDA.xsl in HL7 C-CDA 1.1 and earlier allows remote attackers to inject arbitrary web script or HTML via a crafted reference element within a nonXMLBody element.  
Phase
Assigned (20140525)  
Votes
None (candidate not yet proposed)  
Comments