A Cross Site Scripting (XSS) vulnerability exists in Chikista Patient Management Software 2.0.2 in the first_name parameter in (1) patient/insert, (2) patient_report, (3) appointment_report, (4) visit_report, and (5) bill_detail_report pages. .
References
| Link | Resource |
|---|---|
| http://chikista.com | Product URL Repurposed |
| http://rlsec.xyz/vulns/CVE_2021_42868.html | Exploit Third Party Advisory |
Configurations
History
14 Feb 2024, 01:17
| Type | Values Removed | Values Added |
|---|---|---|
| References | () http://chikista.com - Product, URL Repurposed |
07 Apr 2022, 19:41
| Type | Values Removed | Values Added |
|---|---|---|
| CPE | cpe:2.3:a:chikitsa:patient_management_software:2.0.2:*:*:*:*:*:*:* | |
| First Time |
Chikitsa patient Management Software
Chikitsa |
|
| CWE | CWE-79 | |
| CVSS |
v2 : v3 : |
v2 : 3.5
v3 : 4.8 |
| References | (MISC) http://chikista.com - Product | |
| References | (MISC) http://rlsec.xyz/vulns/CVE_2021_42868.html - Exploit, Third Party Advisory |
31 Mar 2022, 18:23
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2022-03-31 18:15
Updated : 2024-02-14 01:17
NVD link : CVE-2021-42868
Mitre link : CVE-2021-42868
CVE.ORG link : CVE-2021-42868
JSON object : View
Products Affected
chikitsa
- patient_management_software
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')