CVE-2020-16218

CVE-2020-16218: Philips Patient Monitoring Devices Cross-site Scripting

Vendor Philips
Product Patient Information Center iX (PICiX)
Weakness CWE-79 · XSS
Published September 11, 2020
Last update August 4, 2024
View on NVD All CVEs

CVSS base score

What the vulnerability does

01Description

In Patient Information Center iX (PICiX) Versions B.02, C.02, C.03, the software does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is then used as a webpage and served to other users. Successful exploitation could lead to unauthorized access to patient data via a read-only web application.

Key dates

02Disclosure timeline

September 11, 2020 CVE published
August 4, 2024 Record updated

Related vulnerabilities

04Related CVE

CVE-2026-34564 CI4MS: Menu Management (Pages) Full Account Takeover for All-Roles & Privilege-Escalation via Stored DOM XSS CVE-2024-56365 PhpSpreadsheet vulnerable to unauthorized reflected XSS in the constructor of the Downloader class CVE-2022-3896 WP Affiliate Platform <= 6.3.9 - Reflected Cross-Site Scripting CVE-2022-1241 Ask Me < 6.8.2 - Reflected Cross-Site Scripting CVE-2025-30798 WordPress Better WishList API plugin <= 1.1.4 - Cross Site Scripting (XSS) Vulnerability