Cross Site Scripting (XSS) Vulnerability in Doctor's Appointment System 1.0 Allows Administrator Account Takeover
CVE-2022-36203 · MEDIUM Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Doctor's Appointment System 1.0 is vulnerable to Cross Site Scripting (XSS) via the admin panel. In addition, it leads to takeover the administrator account by stealing the cookie via XSS.
Learn more about our Web Application Penetration Testing UK.