CVE-2023-1180 LOW

CVE-2023-1180: SourceCodester Health Center Patient Record Management System hematology_print.php cross site scripting

Vendor Sourcecodester
Product Health Center Patient Record Management System
Weakness CWE-79 · XSS
Published March 5, 2023
Last update March 5, 2025
View on NVD All CVEs

CVSS base score

3.5/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction Required
Confidentiality None
Integrity Low

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N

What the vulnerability does

01Description

A vulnerability has been found in SourceCodester Health Center Patient Record Management System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file hematology_print.php. The manipulation of the argument hem_id leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-222331.

Key dates

02Disclosure timeline

March 5, 2023 CVE published
March 5, 2025 Record updated

Related vulnerabilities

04Related CVE

CVE-2025-49389 WordPress Notice Bar Plugin <= 3.1.3 - Cross Site Scripting (XSS) Vulnerability CVE-2024-10343 Beek Widget Extention <= 0.9.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode CVE-2026-5243 The Plus Addons for Elementor – Addons for Elementor, Page Templates, Widgets, Mega Menu, WooCommerce <= 6.4.11 - Authenticated (Contributor+) Stored Cross-Site Scripting via Navigation Menu Lite Widget CVE-2023-49177 WordPress which template file Plugin <= 4.9.0 is vulnerable to Cross Site Scripting (XSS) CVE-2024-10880 JobBoardWP – Job Board Listings and Submissions <= 1.3.0 - Reflected Cross-Site Scripting