CVE-2024-51132

Published November 5th, 2024

View on NVD ↗

CVSS v3

9.8

CRITICAL

CVSS v2

N/A

Affected

PROJECTS

Description

An XML External Entity (XXE) vulnerability in HAPI FHIR before v6.4.0 allows attackers to access sensitive information or execute arbitrary code via supplying a crafted request containing malicious XML entities.

hapifhir/org.hl7.fhir.core

GitHub

194

JAckLosingHeart/CVE-2024-51132-POC

GitHub