Wiki Spaces


Get Help from Others

Q&A: Ask OpenMRS
Discussion: OpenMRS Talk
Real-Time: IRC Chat | Slack


Page tree

Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.


Primary mentor

Backup mentor

N/ASharif Magembe

Assigned to



Late last year, OpenMRS began collaborating with researchers from North Carolina State University (NCSU) to better secure the OpenMRS Reference Application. NCSU researchers, using cutting-edge security assessment techniques, have identified almost 300 distinct security issues. Many of those issues are relatively low-complexity, requiring one-line patches. This is a great opportunity for students who are interested in software security to get first-hand experience in the field.


  1. Experience with .jsp and/or .gsp frontend templating languages
  2. Basic knowledge of common web application security vulnerabilities



to Look Through While Preparing Your Proposal

1) Understand XSS vulnerabilities

2) Review some recent fix examples

For security reasons we can't publicly release the full NCSU report; however, you can check out these PRs for recent examples of the kinds of bugs that are being patched (and the kind of work the patches in this GSOC project entail):


Once you are accepted into the project, you will be ...

A successful proposal could include...