CVE-2019-6562: XSS
First published: Wed May 01 2019(Updated: )
In Philips Tasy EMR, Tasy EMR Versions 3.02.1744 and prior, the software incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
Credit: ics-cert@hq.dhs.gov
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Philips Tasy EMR | <=3.02.1744 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID of this vulnerability?
The vulnerability ID of this vulnerability is CVE-2019-6562.
What is the severity level of CVE-2019-6562?
The severity level of CVE-2019-6562 is medium with a CVSS score of 5.4.
Which software versions are affected by CVE-2019-6562?
Philips Tasy EMR Versions 3.02.1744 and prior are affected by CVE-2019-6562.
How does CVE-2019-6562 impact users?
CVE-2019-6562 allows attackers to inject malicious code into web pages, potentially leading to unauthorized access or data manipulation.
Is there a fix available for CVE-2019-6562?
It is recommended to update to a version of Philips Tasy EMR that is higher than 3.02.1744 to mitigate the vulnerability.
- collector/nvd-index
- agent/weakness
- agent/references
- agent/author
- agent/severity
- agent/type
- agent/tags
- agent/event
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- vendor/philips
- canonical/philips tasy emr
- version/philips tasy emr/3.02.1744