5.4 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
3.5 Low
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:S/C:N/I:P/A:N
# Exploit Title: RemoteClinic 2.0 - 'Multiple' Stored Cross-Site Scripting (XSS)
# Exploit Author: Saud Ahmad
# Vendor Homepage: https://remoteclinic.io/
# Software Link: https://github.com/remoteclinic/RemoteClinic
# Version: 2.0
# Tested on: Windows 10
# CVE : CVE-2021-30030, CVE-2021-30034, CVE-2021-30039, CVE-2021-30042
#Steps to Reproduce:
1)Login in Application as Doctor.
2)Register a Patient with Full Name Field as XSS Payload: XSS"><img src=x onerror=alert(`XSS-BY-Saud-Ahmad`)>
3)After Register Patient, go to "Patients" endpoint.
4)XSS Executed.
For Detail POC: https://github.com/remoteclinic/RemoteClinic/issues/1
#Steps to Reproduce:
1)Login in Application as Doctor.
2)Register a Patient.
3)After Register Patient, a page redirect to Register Report Page.
4)Here is "Symptoms" Field as XSS Payload: XSS"><img src=x onerror=alert(`XSS-BY-Saud-Ahmad`)>
4)After Register Report, Click on home which is "dashboard" endpoint.
5)XSS Executed.
For Detail POC: https://github.com/remoteclinic/RemoteClinic/issues/5
#Steps to Reproduce:
1)Login in Application as Doctor.
2)Register a Patient.
3)After Register Patient, a page redirect to Register Report Page.
4)When you scroll down page two fields there "Fever" and "Blood Pressure", both are vulnerable to XSS, inject XSS Payload in both Fields: XSS"><img src=x onerror=alert(`XSS-BY-Saud-Ahmad`)>
4)After Register Report, Click on home.
5)Now Click on Report, XSS Executed.
For Detail POC: https://github.com/remoteclinic/RemoteClinic/issues/8
#Steps to Reproduce:
1)Login in Application as Doctor.
2)Register a New Clinic.
3)Here is four fields "Clinic Name", "Clinic Address", "Clinic City" and "Clinic Contact". All are vulnerable to XSS.
4)Inject XSS Payload in all Fields: XSS"><img src=x onerror=alert(`XSS-BY-Saud-Ahmad`)>
4)Now go to Clinic Directory.
5)Click on that Clinic.
6)XSS Executed.
For Detail POC: https://github.com/remoteclinic/RemoteClinic/issues/11
# 0day.today [2021-10-26] #
5.4 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
3.5 Low
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:S/C:N/I:P/A:N