← Back to CVE List
CVE-2020-5729
In OpenMRS 2.9 and prior, the UI Framework Error Page reflects arbitrary, user-supplied input back to the browser, which can result in XSS. Any page that is able to trigger a UI Framework Error is susceptible to this issue.
> MITRE Terms of Use apply – see LICENSE‑MITRE.txt