CVE-2023-6297

Name of the Vulnerable Software and Affected Versions PHPGurukul Nipah Virus Testing Management System version 1.0

Description A problematic vulnerability has been found in the Search Report Page component, specifically in the file patient-search-report.php. The issue arises from the manipulation of the Search By Patient Name argument with malicious input, such as <script>alert(document.cookie)</script>, leading to cross-site scripting. This attack can be initiated remotely.

Recommendations For PHPGurukul Nipah Virus Testing Management System version 1.0, consider restricting the input for the Search By Patient Name argument to prevent cross-site scripting attacks until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.