CVE-2020-36011

Publication date

2021-01-26 06:53:49

Family

mitre

State

PUBLISHED

Description

A cross-site scripting (XSS) issue in Add Patient Form in QDOCS Smart Hospital Management System 3.1 allows a remote attacker to inject arbitrary code via the Name, Guardian Name, Email, Address, Remarks, or Any Known Allergies field.