Sourcecodester · Hospital'S Patient Records Management System · CVE-2026-11468
**Name of the Vulnerable Software and Affected Versions**
SourceCodester Hospitals Patient Records Management System version 1.0
**Description**
An issue exists in the processing of the '/admin/?page=room types' endpoint. Manipulation of the `room` argument allows for remote cross-site scripting, which occurs when an application includes untrusted data in a web page without proper validation or escaping.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.