For week 10, I continued with some work I had outstanding from last week that has been previously described, and reflected on my time as a GSoC student.

How I Found GSoC:
I really enjoyed my time as a GSoC student — it is definitely something I would do again…

For week 8, I worked with another GSoC member to patch an XSS vulnerability.

The Vulnerability:
To recreate this vulnerability, I took these steps:
1. Create a privilege named <script>alert(1);</script>.
2. Delete that privilege.
3. Get the alert box showing “1”. …

For week 7, I submitted a PR that partially fixed the XSS attack I have been working on.

The Solution:
First I ran the XSS attack, which involved editing the page’s URL by changing a variable to contain a JavaScript popup. I then used Inspect Element to view the source…

This week I had to put the XSS vulnerability on hold due to an error that wouldn’t let me update the code with Maven. I have since fixed this error and have submitted my first pull request, which I will talk about in this week’s blog.

The Error:
When I…

For Google Summer of Code with OpenMRS this week, I looked into setting up the programming environment with IntelliJ as my IDE, and locating the error in the code that made the previously mentioned XSS vulnerability possible.

Setting Up IntelliJ:
I had a few issues setting up IntelliJ initially as…

As mentioned last week, I am looking into fixing an XSS (Cross Site Scripting) vulnerability in the Appointment Scheduling part of the OpenMRS application. This week, in order to delve into the problem, I have been researching open source projects and how they work, getting to know OpenMRS, and learning…

Kate Belson

BSc Computer Science Student at University of Exeter. Participating in Google Summer of Code for OpenMRS.
