CVE-2025-6452
BaseFortify
Publication date: 2025-06-22
Last updated on: 2026-04-29
Assigner: VulDB
Description
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| codeastro | patient_record_management_system | 1.0 |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-79 | The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. |
| CWE-94 | The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment. |
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-6452 is a stored cross-site scripting (XSS) vulnerability in version 1.0 of the CodeAstro Patient Record Management System. It occurs in the 'Generate New Report' page where the 'Patient Name/Name' input is not properly sanitized, allowing an attacker to inject malicious scripts. These scripts are stored on the server and executed when other users view the report, potentially compromising their sessions or data. [1, 2]
How can this vulnerability impact me?
This vulnerability can lead to session hijacking, data theft, or other malicious actions by executing injected scripts in the context of other users. Since the attack can be initiated remotely and requires user interaction, it may compromise the integrity and confidentiality of patient data within the system. [1, 2]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by testing the 'Generate New Report' page of the CodeAstro Patient Record Management System version 1.0 for stored cross-site scripting (XSS) in the 'Patient Name/Name' input field. You can attempt to inject typical XSS payloads (e.g., <script>alert(1)</script>) into this field and observe whether the script executes when the report is viewed. Since the vulnerability involves stored XSS, monitoring HTTP requests and responses for suspicious script injections in this parameter can help detect exploitation attempts. Specific commands depend on your environment, but using tools like curl or Burp Suite to send crafted POST requests to the vulnerable page and inspecting the responses is recommended. For example, a curl command to test injection might be: curl -X POST -d "PatientName=<script>alert(1)</script>" https://[target]/generate_report. Additionally, web vulnerability scanners that test for stored XSS can be used. [1, 2]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include restricting access to the affected 'Generate New Report' page to trusted users only, applying strict input validation and output encoding on the 'Patient Name/Name' parameter to neutralize malicious scripts, and monitoring for suspicious activity. Since no known countermeasures or patches are currently available, it is recommended to replace the affected product with an alternative solution if possible. Additionally, educating users about the risk and ensuring they do not interact with suspicious reports can reduce impact. Implementing web application firewalls (WAF) rules to detect and block XSS payloads targeting this parameter may also help mitigate exploitation. [2]
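The two controls the answers above keep returning to are output encoding of the 'Patient Name/Name' value and review of requests to the report page for markup in that parameter. The following Python is an added illustration written for this page; it is not code from CodeAstro's product or from BaseFortify. It contrasts the flawed rendering pattern (CWE-79: untrusted input concatenated into HTML) with an output-encoded version, and runs a simple markup detector over a constructed log sample. The log line format, the body logging, and the parameter name PatientName (taken from the curl example above) are assumptions.

```python
import html
import re
from urllib.parse import parse_qs

# Constructed sample of an access log that also records POST bodies.
# The format is an assumption; real servers need body logging configured.
SAMPLE_LOG = [
    'POST /generate_report body="PatientName=Jane+Doe&Age=34"',
    'POST /generate_report body="PatientName=%3Cscript%3Ealert(1)%3C%2Fscript%3E&Age=29"',
    'POST /generate_report body="PatientName=O%27Brien&Age=51"',
    'POST /generate_report body="PatientName=%3Cb%3EJane%3C%2Fb%3E&Age=40"',
    'GET /view_report?id=7',
]


def render_report_vulnerable(patient_name):
    """The flawed pattern: the stored name is concatenated into the page unchanged,
    so anything the browser treats as markup is executed when the report is viewed."""
    return "<h2>Report for " + patient_name + "</h2>"


def render_report_hardened(patient_name):
    """Output encoding: HTML-special characters become entities, so the browser
    shows the name as text and cannot interpret it as markup."""
    return "<h2>Report for " + html.escape(patient_name, quote=True) + "</h2>"


# Crude signature for markup or script in a free-text name field. It is a
# starting point for log review or a WAF rule, not a replacement for encoding.
XSS_MARKERS = re.compile(r"<\s*/?\s*[a-z]|javascript\s*:|\bon[a-z]+\s*=", re.IGNORECASE)

# Assumed log shape: only POST bodies sent to the report endpoint are inspected.
BODY_RE = re.compile(r'^POST /generate_report body="([^"]*)"')


def flag_suspicious_patient_names(log_lines):
    """Return (line_number, decoded_name) for requests whose PatientName
    parameter contains markup-like content."""
    hits = []
    for number, line in enumerate(log_lines, start=1):
        match = BODY_RE.match(line)
        if not match:
            continue
        params = parse_qs(match.group(1))  # decodes %xx and '+' for us
        for name in params.get("PatientName", []):
            if XSS_MARKERS.search(name):
                hits.append((number, name))
    return hits


if __name__ == "__main__":
    payload = "<script>alert(1)</script>"
    print(render_report_vulnerable(payload))   # script tag reaches the page intact
    print(render_report_hardened(payload))     # entities only; nothing executes
    for number, name in flag_suspicious_patient_names(SAMPLE_LOG):
        print(f"line {number}: suspicious PatientName {name!r}")
```

The detector deliberately flags any tag-like content, including the harmless `<b>Jane</b>` in the sample, because a patient name has no legitimate reason to contain markup; treating the field as plain text and encoding it on output is what actually closes the hole, while the log check only tells you whether someone has been probing the parameter.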