Introducing Reference Application 2.3.1

Taking up from Release 2.3.1, we are here to introduce 2.3.1 to the community which was been released in response to address certain security vulnerabilities which would allow one to remotely execute arbitrary code via XML deserialization and spring's expression language support feature. See below for the changes.

Who is this release meant for?

Anyone running OpenMRS Reference Application


It is highly recommended that everyone running the reference application upgrades to this version, if you're only using the reference application modules, make sure you download the latest zip file of the 2.3.1 modules here




A huge thanks to the people that contributed code to this release, not to mention all the people that contributed in countless other ways to support this release and be a great part of the shaping it and the whole infrastructure team!

We welcome any user to download OpenMRS 2.3.1 and try it out, give us feedback.

If you to run into any bugs, send a message via talk or create a new JIRA ticket (click upper right icon).


Download OpenMRS 2.3.1




Download OpenMRS 2.3.1 here: 

You can take a look at the implementer documentation here.