PT-2023-16683 · Sourcecodester · Sourcecodester Medical Certificate Generator App
Sk3L10X1Ng · Published 2023-02-24 · Updated 2024-05-17 · CVE-2023-1006
CVSS v3.1: 5.4 (Medium)
Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
Name of the Vulnerable Software and Affected Versions
SourceCodester Medical Certificate Generator App version 1.0
Description
A problem was found in the New Record Handler component. The issue arises from the manipulation of arguments such as Firstname, Middlename, Lastname, Suffix, Nationality, Doctor Fullname, and Doctor Suffix with malicious input, like ">, leading to cross-site scripting. This can be initiated remotely.
Recommendations
For version 1.0, consider disabling the New Record Handler component or restricting the input for the affected arguments until a fix is available. Do not pass unvalidated input to the arguments Firstname, Middlename, Lastname, Suffix, Nationality, Doctor Fullname, and Doctor Suffix, to minimize the risk of exploitation.
Fix
XSS
Weakness Enumeration
Related identifiers
Affected products
Sourcecodester Medical Certificate Generator App
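
One way to apply the recommendation above to restrict input for the affected arguments, as an added example that is not part of the advisory and is not the vendor's code or fix. The form-key spellings, the allow-list policy, the choice of optional fields and the sample record are assumptions; it also encodes on output, which goes one step beyond the advisory's input-only advice.

```python
import html
import re

# Arguments named in the advisory; the form-key spellings are assumed.
AFFECTED_FIELDS = ("firstname", "middlename", "lastname", "suffix",
                   "nationality", "doctor_fullname", "doctor_suffix")
OPTIONAL = {"middlename", "suffix", "doctor_suffix"}  # assumed, not from the advisory

# Assumed policy: starts with a letter, then Unicode letters, space, . ' - (max 64).
NAME_RE = re.compile(r"[^\W\d_](?:[^\W\d_]|[ .'\-]){0,63}")

# Constructed sample record: one field carries the '">' pattern from the advisory.
SAMPLE = {"firstname": '"><b>test</b>', "middlename": "",
          "lastname": "O'Neil-Smith", "suffix": "Jr.",
          "nationality": "Filipino", "doctor_fullname": "José  Cruz",
          "doctor_suffix": "M.D."}

def validate_record(form):
    """Return (clean, errors) for the affected fields of a new-record form."""
    clean, errors = {}, {}
    for field in AFFECTED_FIELDS:
        value = " ".join(str(form.get(field, "")).split())  # collapse whitespace
        if not value:
            if field in OPTIONAL:
                clean[field] = ""
            else:
                errors[field] = "required"
        elif NAME_RE.fullmatch(value):
            clean[field] = value
        else:
            errors[field] = "characters outside the allow-list"
    return clean, errors

def render_cell(value):
    """Element context: encode on output so records stored earlier stay inert."""
    return "<td>" + html.escape(value, quote=True) + "</td>"

def render_input(name, value):
    """Attribute context: quote=True encodes the double quote that would close value."""
    return '<input name="%s" value="%s">' % (
        html.escape(name, quote=True), html.escape(value, quote=True))

if __name__ == "__main__":
    print(validate_record(SAMPLE))
    print(render_input("firstname", SAMPLE["firstname"]))
```

Validation rejects the record before it is stored; the render helpers cover rows that were saved before validation was in place.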