PT-2026-44899 · Sourcecodester · Doctor Appointment System
Adhiyaksarp
·
Published
2026-05-29
·
Updated
2026-05-29
·
CVE-2026-36324
CVSS v3.1
6.1
Medium
| Vector | AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
SourceCodester Doctor Appointment System version 1.0
Description
Cross Site Scripting (XSS) occurs due to improper handling of user-supplied input within the user registration functionality. The issue is located in the 'register.php' endpoint.
Recommendations
Update SourceCodester Doctor Appointment System version 1.0 to a patched version. As a temporary workaround, restrict access to the 'register.php' endpoint to minimize the risk of exploitation.
Exploit
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Doctor Appointment System