SourceCodester Hospital Patient Records Management System is a web-based PHP application that provides an automated platform for hospitals to store and manage their patient records. A cross-site scripting vulnerability exists in version 1.0 of the Management System. The vulnerability is related to the lack of valid validation of the description parameter in room_list. An attacker could use this vulnerability to inject JavaScript code and compromise site security.