PT-2022-26311 · Unknown · Phpgurukul Hospital Management System

Riccardo Nannini · Published 2022-10-21 · Updated 2025-05-08 · CVE-2022-42205

CVSS v3.1: 5.4 (Medium)

Vector: AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions

PHPGurukul Hospital Management System version 4.0

Description

The issue concerns a Cross Site Scripting (XSS) flaw. This type of flaw occurs when an application includes user input in its output without proper validation or encoding, allowing an attacker to inject malicious content, such as scripts. In this case, the vulnerability is present in the add-patient.php file.

Recommendations

For PHPGurukul Hospital Management System version 4.0, consider validating and encoding all user input in the add-patient.php file to prevent XSS attacks. As a temporary workaround, restrict access to the add-patient.php file until a proper fix is applied.

Exploit

Fix

XSS

Weakness Enumeration

Related Identifiers

CVE-2022-42205

Affected Products

Phpgurukul Hospital Management System