CVE-2012-4262

Name of the Vulnerable Software and Affected Versions myCare2x (affected versions not specified)

Description The issue concerns multiple cross-site scripting (XSS) vulnerabilities. These vulnerabilities allow remote attackers to inject arbitrary web script or HTML via specific parameters to various PHP files. The affected parameters include name last, name first, name middle, and name maiden in 'mycare pid.php', favorites and lang in 'mycare ward print.php', aktion and callurl in 'mycare2x pat info.php', and ln in 'mycare2x proc search.php'.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.