Persistent cross-site scripting (XSS) in Hospital Management System targeted towards web admin through contact.php.
Recent assessments:
nu11secur1ty at August 17, 2021 2:20pm UTC reported:
XSS-Stored PHPSESSID user PWNED on Hospital Management System Vulnerable parameter “txtMsg” on contact
<https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-38757>
<https://streamable.com/6xue3b>
Assessed Attacker Value: 5
Assessed Attacker Value: 5Assessed Attacker Value: 5