{"id":7751,"date":"2025-07-07T17:14:41","date_gmt":"2025-07-07T17:14:41","guid":{"rendered":"http:\/\/localhost\/?p=7751"},"modified":"2025-07-07T17:14:41","modified_gmt":"2025-07-07T17:14:41","slug":"codeastro-simple-hospital-management-system-post-parameter-patienthtml-cross-site-scripting","status":"publish","type":"post","link":"https:\/\/zero.redgem.net\/?p=7751","title":{"rendered":"CodeAstro Simple Hospital Management System POST Parameter patient.html cross site scripting"},"content":{"rendered":"
\n

CVE Details<\/h2>\n
\n
\n

Basic Information<\/h3>\n\n\n\n\n\n
Title<\/th>\nCodeAstro Simple Hospital Management System POST Parameter patient.html cross site scripting<\/td>\n<\/tr>\n
Type<\/th>\ncve<\/td>\n<\/tr>\n
Published<\/th>\n2025-07-07T21:32:06.357Z<\/td>\n<\/tr>\n
Modified<\/th>\n2025-07-07T21:32:06.357Z<\/td>\n<\/tr>\n<\/table>\n<\/div>\n
\n

Product Information<\/h3>\n\n\n\n\n
Vendor<\/th>\nCodeAstro<\/td>\n<\/tr>\n
Product<\/th>\nSimple Hospital Management System<\/td>\n<\/tr>\n
Version<\/th>\n1.0<\/td>\n<\/tr>\n<\/table>\n<\/div>\n<\/div>\n
\n

CVSS Information<\/h3>\n\n\n\n
Base Score<\/th>\n5.1 (MEDIUM)<\/td>\n<\/tr>\n
Attack Vector<\/th>\nCVSS:4.0\/AV:N\/AC:L\/AT:N\/PR:L\/UI:P\/VC:N\/VI:L\/VA:N\/SC:N\/SI:N\/SA:N\/E:P<\/td>\n<\/tr>\n<\/table>\n<\/div>\n
\n

AI Analysis<\/h3>\n\n\n\n\n\n\n
AI Description<\/th>\nA cross-site scripting (XSS) vulnerability in CodeAstro Simple Hospital Management System 1.0 allows remote attackers to inject scripts via the POST parameter handler on patient.html. This could enable unauthorized actions or data theft.<\/td>\n<\/tr>\n
AI Severity<\/th>\nMedium<\/td>\n<\/tr>\n
AI Vendor<\/th>\nCodeAstro<\/td>\n<\/tr>\n
AI Product<\/th>\nSimple Hospital Management System<\/td>\n<\/tr>\n
AI Version<\/th>\n1.0<\/td>\n<\/tr>\n<\/table>\n<\/div>\n
\n

Affected Products<\/h4>\n