CVE-2024-11102

Name of the Vulnerable Software and Affected Versions SourceCodester Hospital Management System version 1.0

Description A high-severity issue affects the SourceCodester Hospital Management System, where the manipulation of the name argument in the /vm/doctor/edit-doc.php file leads to cross-site scripting. The attack can be launched remotely, and other parameters might also be affected. The issue has been disclosed to the public and may be exploited.

Recommendations Update to the latest version to mitigate risks. As a temporary workaround, consider restricting access to the /vm/doctor/edit-doc.php file until a patch is available. Avoid using the name argument in the affected file until the issue is resolved.