Go to the main page

Security Hall of Fame

On this page, we recognize the people who have identified and responsibly disclosed security vulnerabilities to us. Thank you!

NameScopeVulnerabilityReported Date
Stanislav Kravchenkodhis2-coreUnclaimed NPM dependencies2022-06-16
Michael Kunzdhis2-coreXSS in user upload images2022-01-07
Charles Yangdhis2-coreXSS via crafted user-agent2021-07-23
Kunal Mhaskedhis2.orgMissing HTML X-Frame-Options2021-02-06

Vulnerability Policy

You can learn more about the DHIS2 process for reporting and disclosing security vulnerabilities on our Vulnerability Policy page.