First published: Tue Nov 26 2024(Updated: )
A vulnerability was found in CodeAstro Hospital Management System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /backend/admin/his_admin_add_lab_equipment.php of the component Add Laboratory Equipment Page. The manipulation of the argument eqp_code/eqp_name/eqp_vendor/eqp_desc/eqp_dept/eqp_status/eqp_qty leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Credit: cna@vuldb.com
Affected Software | Affected Version | How to fix |
---|---|---|
Hospital Management System Project Hospital Management System | =1.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2024-11676 is classified as a problematic vulnerability in the CodeAstro Hospital Management System.
To remediate CVE-2024-11676, ensure to update the CodeAstro Hospital Management System to the latest version that addresses this vulnerability.
CVE-2024-11676 affects the Add Laboratory Equipment Page located in /backend/admin/his_admin_add_lab_equipment.php.
CVE-2024-11676 impacts version 1.0 of the CodeAstro Hospital Management System.
CVE-2024-11676 is identified as a stored cross-site scripting (XSS) vulnerability.