NVD

Vulnerability Change Records for CVE-2024-2275

Action	Type	New Value
Added	CVSS V2	VulDB (AV:N/AC:L/Au:M/C:N/I:P/A:N)
Added	CVSS V3.1	VulDB AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N
Added	CWE	VulDB CWE-79
Added	Description	A vulnerability, which was classified as problematic, was found in Bdtask G-Prescription Gynaecology & OBS Consultation Software 1.0. Affected is an unknown function of the component OBS Patient/Gynee Prescription. The manipulation of the argument Patient Title/Full Name/Address/Cheif Complain/LMP/Menstrual Edd/OBS P/OBS Alc/Medicine Name/Medicine Type/Ml/Dose/Days/Comments/Template Name leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-256044. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
Added	Reference	VulDB https://drive.google.com/file/d/11QliZKy-7ylKph1vwlXVHaRn5Jmk0Bjg/view?usp=drivesdk [No types assigned]
Added	Reference	VulDB https://vuldb.com/?ctiid.256044 [No types assigned]
Added	Reference	VulDB https://vuldb.com/?id.256044 [No types assigned]