Epic · Epic Mychart · CVE-2016-6272
**Name of the Vulnerable Software and Affected Versions**
Epic MyChart (affected versions not specified)
**Description**
The issue allows remote attackers to access contents of an XML document containing static display strings, such as field labels, via the `topic` parameter to "help.asp". This was initially reported as a potential SQL injection issue, but its accuracy is questionable.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.