CVE-2024-2275

Name of the Vulnerable Software and Affected Versions Bdtask G-Prescription Gynaecology & OBS Consultation Software version 1.0

Description A problematic issue was found in the software, affecting an unknown function of the component OBS Patient/Gynee Prescription. The manipulation of the argument Patient Title/Full Name/Address/Cheif Complain/LMP/Menstrual Edd/OBS P/OBS Alc/Medicine Name/Medicine Type/Ml/Dose/Days/Comments/Template Name leads to cross-site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.