2 matches found
CVE-2022-36546
Edoc-doctor-appointment-system v1.0.1 was discovered to contain a Cross-Site Request Forgery CSRF via /patient/settings.php...
CVE-2022-36546
Edoc-doctor-appointment-system v1.0.1 contains a Cross-Site Request Forgery (CSRF) vulnerability in the /patient/settings.php endpoint. The issue allows potentially malicious requests to be performed on behalf of a logged-in user. CVSS 3.1 base score 8.8 (HIGH); attack vector Network, privileges ...