HMS is a computer or web based hospital management system in Bangladesh. Useful for managing the operations of a hospital or any healthcare facility.HMS version 1.0 has a cross-site scripting vulnerability that can be exploited by attackers to cause a reflected cross-site scripting (XSS) vulnerability via treatmentrecord.php.