CVE-mitre:index.php/appointment/insert_patient_add_appointment in Chikitsa Patient Management System 2.0.0 allows XSS.
nu11secur1ty: XSS-Stored – Brutal PWNED on Chikitsa 2.0.0 parameter “name” + User: Unrestricted File Upload “.php”
Recent assessments:
nu11secur1ty at August 09, 2021 1:20pm UTC reported:
CVE-mitre:index.php/appointment/insert_patient_add_appointment in Chikitsa Patient Management System 2.0.0 allows XSS.
nu11secur1ty: XSS-Stored – Brutal PWNED on Chikitsa 2.0.0 parameter “name” + User: Unrestricted File Upload “.php”
<https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-38152>
<https://streamable.com/wbo5c1>
Assessed Attacker Value: 3
Assessed Attacker Value: 3Assessed Attacker Value: 5