Stored cross-site scripting (XSS) vulnerability in Care2x Hospital Information Management 2.7 Alpha. The vulnerability has found POST requests in /modules/registration_admission/patient_register.php page with "name_middle", "addr_str", "station", "name_maiden", "name_2", "name_3" parameters.
References
Link | Resource |
---|---|
https://securityforeveryone.com/blog/care2x-hospital-information-management-system-0-day-vulnerability-cve-2021-36352 | Third Party Advisory |
https://www.exploit-db.com/exploits/50197 | Exploit Third Party Advisory VDB Entry |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2021-08-26T13:23:16
Updated: 2021-08-26T13:23:16
Reserved: 2021-07-09T00:00:00
Link: CVE-2021-36352
JSON object: View
NVD Information
Status : Analyzed
Published: 2021-08-26T14:15:07.307
Modified: 2021-09-01T14:20:25.193
Link: CVE-2021-36352
JSON object: View
Redhat Information
No data.
CWE