No one knows how many vulnerabilities there are in closed-source medical record software - because we can't check. There are _probably_ loads though, because that medical software is super terrible in every way that we _can_ check.
Isn't anything closed-source by definition this? Why speak of the subset of closed-source medical record software when it's just the entire class of software?
SQL injection and XSS come up in dynamic analysis too.
Well, the closed-source EHR applications that use NoSQL databases such as MUMPS (InterSystems Caché) probably don't have many SQL injection vulnerabilities.