Headline
CVE-2022-45729: CVE-2022-45729/CVE-2022-45729 at main · sudoninja-noob/CVE-2022-45729
A cross-site scripting (XSS) vulnerability in Doctor Appointment Management System v1.0.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Employee ID parameter.
> [Suggested description]
> A cross-site scripting (XSS) vulnerability in Doctor Appointment
> Management System v1.0.0 allows attackers to execute arbitrary web
> scripts or HTML via a crafted payload injected into the Employee ID
> parameter.
>
> ------------------------------------------
>
> [Vulnerability Type]
> Cross Site Scripting (XSS)
>
> ------------------------------------------
>
> [Vendor of Product]
> https://www.sourcecodester.com
>
> ------------------------------------------
>
> [Affected Product Code Base]
> Doctor Appointment Management System - V 1.0.0
>
> ------------------------------------------
>
> [Affected Component]
> fname
>
> ------------------------------------------
>
> [Attack Type]
> Local
>
> ------------------------------------------
>
> [Impact Code execution]
> true
>
> ------------------------------------------
>
> [Reference]
> https://phpgurukul.com/doctor-appointment-management-system-using-php-and-mysql/
>
> ------------------------------------------
>
> [Discoverer]
> Sanjay Singh
Use CVE-2022-45729