High severity7.5NVD Advisory· Published Feb 20, 2018· Updated Jun 17, 2026
CVE-2016-6272
CVE-2016-6272
Description
XPath injection vulnerability in Epic MyChart allows remote attackers to access contents of an XML document containing static display strings, such as field labels, via the topic parameter to help.asp. NOTE: this was originally reported as a SQL injection vulnerability, but this may be inaccurate.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1Patches
Vulnerability mechanics
References
2- packetstormsecurity.com/files/146418/EPIC-MyChart-SQL-Injection.htmlnvdExploitThird Party AdvisoryVDB Entry
- www.exploit-db.com/exploits/44098/nvdExploitThird Party AdvisoryVDB Entry
News mentions
0No linked articles in our index yet.