CVE-2015-4591
eClinicalWorks Population Health (CCMR) suffers from a cross site scripting vulnerability in login.jsp which allows remote unauthenticated users to inject arbitrary javascript via the strMessage parameter.
Date published : 2017-01-10
http://www.securityfocus.com/archive/1/537420/100/0/threaded