漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Multiple vulnerabilities in Imaster products Open configuration options
Vulnerability Description
Imaster's Patient Record Management System contains a stored Cross-Site Scripting (XSS) vulnerability in the endpoint ‘/projects/hospital/admin/edit_patient.php’. By injecting a malicious script into the ‘firstname’ parameter, the JavaScript code is stored and executed every time a user accesses the patient list, allowing an attacker to execute arbitrary JavaScript in a victim's browser.
CVSS Information
N/A
Vulnerability Type
在Web页面生成时对输入的转义处理不恰当(跨站脚本)
Vulnerability Title
Imaster Patient Record Management System 跨站脚本漏洞
Vulnerability Description
Imaster Patient Record Management System是Nzioka Victor个人开发者的一个病历管理系统。 Imaster Patient Record Management System存在跨站脚本漏洞,该漏洞源于端点/projects/hospital/admin/edit_patient.php对firstname参数验证不足,可能导致存储型跨站脚本攻击,从而在受害者浏览器中执行任意JavaScript代码。
CVSS Information
N/A
Vulnerability Type
N/A