CVE-2016-6272

Name of the Vulnerable Software and Affected Versions Epic MyChart (affected versions not specified)

Description The issue allows remote attackers to access contents of an XML document containing static display strings, such as field labels, via the topic parameter to "help.asp". This was initially reported as a potential SQL injection issue, but its accuracy is questionable.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.