CVE-2022-36251

Name of the Vulnerable Software and Affected Versions Clinic's Patient Management System version 1.0

Description The issue is related to Cross Site Scripting (XSS) via the patients.php file. This means that an attacker could potentially inject malicious scripts into the website, which could then be executed by users' browsers, allowing the attacker to steal user data or take control of user sessions.

Recommendations For Clinic's Patient Management System version 1.0, consider disabling access to the patients.php file until a patch is available to prevent potential XSS attacks. As a temporary workaround, restrict user input validation to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.