CVE-2025-9774
BaseFortify
Publication date: 2025-09-01
Last updated on: 2025-09-04
Assigner: VulDB
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| remoteclinic | remote_clinic | up to and including 2.0 |
| CWE ID | Description |
|---|---|
| CWE-200 | The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information. |
| CWE-284 | The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor. |
| CWE-NVD-CWE-noinfo | |
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-9774 is a Cross-Site Scripting (XSS) vulnerability in RemoteClinic version 2.0, specifically in the file /patients/edit-patient.php. It occurs because the application improperly handles the Email parameter, failing to validate or encode it correctly. This allows attackers to inject malicious scripts that execute in the victim's browser without requiring authentication, leading to unauthorized access to sensitive information and actions performed on behalf of the user. [2, 3]
How can this vulnerability impact me?
This vulnerability can lead to information disclosure and unauthorized actions. Attackers can steal cookies, session tokens, and other sensitive data, perform actions on behalf of the victim, deface webpages, redirect users to malicious sites, and potentially gain full control over the victim's browser. Exploitation requires no authentication and can be done remotely, posing a significant risk to user confidentiality and system integrity. [1, 3]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by identifying instances of the vulnerable file `/patients/edit-patient.php` in the RemoteClinic system, especially by checking for the presence of the Email parameter being manipulated. One method to find vulnerable targets is using Google dorking with the query `inurl:patients/edit-patient.php`. Additionally, testing the endpoint with a proof-of-concept payload such as `<script>alert('XSS')</script>` via a POST request to `/patients/edit-patient.php?id=159` can confirm the presence of the vulnerability by observing if the script executes. Network monitoring tools can also be used to detect suspicious requests containing script injections targeting this endpoint. [1, 3]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include:
1) Implement proper output encoding of user inputs based on context (HTML, JavaScript, CSS, URL) to prevent execution of injected scripts.
2) Enforce strict input validation and filtering to allow only expected formats and reject or escape malicious content such as script tags.
3) Deploy a strict Content Security Policy (CSP) to restrict script sources and prevent unauthorized script execution.
4) Set secure cookie flags like HttpOnly and Secure to protect sensitive cookies from JavaScript access and ensure secure transmission.
5) Conduct regular security audits to detect and remediate XSS and other vulnerabilities promptly.
Since no official patch or countermeasure is currently available, consider replacing the affected product with a secure alternative. [3, 1]
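Steps 1 to 4 above applied to an Email form field, as an added PHP example that is not RemoteClinic's code or taken from the cited sources. The function names, the field markup and the CSP value are assumptions, and the CSP assumes the application serves all of its scripts from its own origin.

```php
<?php
declare(strict_types=1);
// Added example; function names and the form field markup are hypothetical,
// not taken from RemoteClinic.

// Input validation: accept only a string that parses as an e-mail address.
function validate_email($raw): ?string
{
    if (!is_string($raw)) {            // e.g. Email[]=x arrives as an array
        return null;
    }
    $email = trim($raw);
    if ($email === '' || strlen($email) > 254) {
        return null;
    }
    return filter_var($email, FILTER_VALIDATE_EMAIL) === false ? null : $email;
}

// Output encoding for HTML text and quoted attribute values. Applied on every
// render, even to validated data: RFC 5322 quoted local parts may legally
// contain quotes and angle brackets.
function h(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// CSP and cookie flags; call before session_start() and before any output.
function send_security_headers(): void
{
    header("Content-Security-Policy: default-src 'self'; script-src 'self'; object-src 'none'; base-uri 'self'");
    session_set_cookie_params(['httponly' => true, 'secure' => true, 'samesite' => 'Lax']);
}

// Render the form field with the stored value encoded for the attribute context.
function render_email_field(string $stored): string
{
    return '<input type="email" name="Email" value="' . h($stored) . '">';
}

// Constructed sample inputs, as they might arrive in $_POST['Email'].
$samples = ['alice@example.org', 'not-an-email', '"><b>x</b>', ['nested' => 'array']];
foreach ($samples as $raw) {
    $email = validate_email($raw);
    echo $email === null ? "rejected\n" : render_email_field($email) . "\n";
}
// Rows stored before validation existed are still rendered inert by h():
echo render_email_field('"><b>x</b>'), "\n";
```

Validation happens once on input, while encoding happens on every render, so values already stored in the database are covered as well.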