cpe:/a:kmc_information_systems:caseaware:- CVE-2017-5631 2017-05-01T10:59:00.147-04:00 2017-08-12T21:29:21.100-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov EXPLOIT-DB 42042 MISC https://www.openbugbounty.org/incidents/228262/ An issue was discovered in KMCIS CaseAware. Reflected cross site scripting is present in the user parameter (i.e., "usr") that is transmitted in the login.php query string.