Archana M

**Name of the Vulnerable Software and Affected Versions** Patients Waiting Area Queue Management System version 1.0 **Description** A cross-site scripting issue exists in the Patients Waiting Area Queue Management System version 1.0. The issue is located in the `/patient-search.php` file, within an unknown function. Manipulation of the `First Name/Last Name` argument allows for remote execution of the attack. The exploit is publicly available. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** SourceCodester/Patrick Mvuma Patients Waiting Area Queue Management System version 1.0 **Description** A security issue exists in SourceCodester/Patrick Mvuma Patients Waiting Area Queue Management System version 1.0. The issue involves cross site scripting, potentially allowing remote manipulation through the `/queue.php` file. Specifically, manipulating the `firstname` and `lastname` arguments can trigger the issue. The exploit for this issue has been published. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.