Cross Site Scripting vulnerability in PHPGurukul Doctor Appointment Management System v.1.0 allows a local attacker to execute arbitrary code via the search parameter.
https://phpgurukul.com/doctor-appointment-management-system-using-php-and-mysql/
https://medium.com/%40KrishnaChaganti/cross-site-scripting-xss-in-appointment-management-system-cve-2024-48807-0f7523be9fa2
Source: Mitre, NVD
Published: 2024-10-30
Updated: 2025-03-31
Base Score: 1.9
Vector: CVSS2#AV:L/AC:M/Au:N/C:N/I:P/A:N
Severity: Low
Base Score: 5.4
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Severity: Medium
EPSS: 0.00061