CVE-2023-6424
BigProf Online Clinic Management System v2.2 contains a persistent XSS in the FirstRecord parameter of /clinic/disease_symptoms_view.php due to insufficient input encoding. Exploitation could allow storing JavaScript payloads that execute when the affected page loads. Connected sources (NVD/CVE e...