Jnsereko

**Name of the Vulnerable Software and Affected Versions** OpenMRS HTML Form Entry UI Framework Integration Module versions up to 1.x **Description** A vulnerability has been found in the OpenMRS HTML Form Entry UI Framework Integration Module, which affects an unknown part and leads to cross-site scripting. The manipulation can be initiated remotely. **Recommendations** For OpenMRS HTML Form Entry UI Framework Integration Module versions up to 1.x, upgrade to version 2.0.0 to address this issue.

**Name of the Vulnerable Software and Affected Versions** OpenMRS openmrs-module-referenceapplication versions up to 2.11.x **Description** This issue affects some unknown processing of the file omod/src/main/webapp/pages/userApp.gsp, leading to cross site scripting. The attack may be initiated remotely. **Recommendations** For OpenMRS openmrs-module-referenceapplication versions up to 2.11.x, upgrade to version 2.12.0 to address this issue.

**Name of the Vulnerable Software and Affected Versions** OpenMRS Admin UI Module versions up to 1.5.x **Description** A vulnerability was found in the OpenMRS Admin UI Module, affecting unknown code of the file `location.gsp`. The manipulation leads to cross-site scripting. The attack can be initiated remotely. **Recommendations** For OpenMRS Admin UI Module versions up to 1.5.x, upgrade to version 1.6.0 to address this issue. As a temporary workaround, consider restricting access to the affected file `location.gsp` until the upgrade is applied.