What the vulnerability does
01Description
Incorrect Privilege Assignment vulnerability in mojoomla Hospital Management System allows Privilege Escalation. This issue affects Hospital Management System: from 47.0(20 through 11.
CVSS base score
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
What the vulnerability does
Incorrect Privilege Assignment vulnerability in mojoomla Hospital Management System allows Privilege Escalation. This issue affects Hospital Management System: from 47.0(20 through 11.
Explanation of Vulnerability in Simple Terms
The Hospital Management System Joomla extension contains an improper access control vulnerability affecting versions 47.0 through 11. An authenticated user with low privileges can read, modify, or delete sensitive data and disrupt site operations. The vulnerability requires network access and valid login credentials but no additional user interaction. Site administrators should update immediately to a patched version.
What an attacker can do
Read, modify, or delete sensitive hospital data; disrupt site availability.
Potential impact on your site
Patient records and hospital data exposed to unauthorized access, modification, or deletion by any logged-in user.
Conditions required to exploit
Valid Joomla user account with low-level privileges; network access to the site.
Key dates
External resources