CVE-2026-36388
Status: Received - Intake
Cross-Site Scripting (XSS) in PHPGurukal Hospital Management System

Publication date: 2026-05-07

Last updated on: 2026-05-07

Assigner: MITRE

Description
A Cross-Site Scripting (XSS) vulnerability was found in PHPGurukal Hospital Management System v4.0 in the /hospital/hms/edit-profile.php page. This flaw allows an authenticated attacker (patient) to inject a malicious script payload into the User Name parameter, which is stored in the application and later rendered in the doctor's interface.
Meta Information
Generated: 2026-05-07
AI Q&A: 2026-05-07
EPSS Evaluated: N/A
Affected Vendors & Products
Vendor: phpgurukal    Product: hospital_management_system    Version / Range: 4.0
CWE
CWE-79: The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability is a Cross-Site Scripting (XSS) flaw found in the PHPGurukal Hospital Management System version 4.0, specifically in the /hospital/hms/edit-profile.php page.

An authenticated attacker, such as a patient, can inject malicious script code into the User Name parameter.

This malicious script is stored by the application and later displayed in the doctor's interface, potentially allowing the attacker to execute scripts in the context of the doctor's browser.


How can this vulnerability impact me?

This vulnerability can impact you by allowing an attacker to execute malicious scripts within the doctor's interface.

  • It can lead to theft of sensitive information visible to the doctor.
  • It may allow session hijacking or unauthorized actions performed on behalf of the doctor.
  • It can undermine trust in the hospital management system by exposing users to security risks.

How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability is a Cross-Site Scripting (XSS) issue in the /hospital/hms/edit-profile.php page of PHPGurukal Hospital Management System v4.0, where an authenticated patient can inject malicious scripts into the User Name parameter.

To detect this vulnerability on your system, you can attempt to inject typical XSS payloads into the User Name field on the edit-profile.php page while authenticated as a patient and observe if the script executes in the doctor's interface.

  • Use a web proxy tool like Burp Suite or OWASP ZAP to intercept and modify the User Name parameter with common XSS payloads such as: <script>alert('XSS')</script>
  • Check the stored data in the application database for suspicious script tags in the User Name field.
  • Use curl or wget commands to send POST requests with XSS payloads to the edit-profile.php page, for example: curl -X POST -d "username=<script>alert('XSS')</script>" https://target/hospital/hms/edit-profile.php --cookie "session=your_auth_cookie"

Monitoring HTTP responses for reflected or stored script tags in the doctor's interface can help confirm the presence of the vulnerability.


What immediate steps should I take to mitigate this vulnerability?

Immediate mitigation steps for this stored XSS vulnerability include:

  • Sanitize and validate all user inputs on the server side, especially the User Name parameter, to remove or encode any HTML or script tags.
  • Implement proper output encoding when rendering user-supplied data in the doctor's interface to prevent script execution.
  • Restrict the privileges of authenticated users to minimize the impact of potential attacks.
  • Apply any available patches or updates from the vendor or community addressing this vulnerability.

Additionally, consider implementing Content Security Policy (CSP) headers to reduce the risk of XSS exploitation.
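As an added illustration of the output-encoding, input-validation and CSP steps listed above (example code, not from PHPGurukal or from this record), the PHP fragment below contrasts an unsafe rendering of a stored user name in a doctor-facing page with an encoded one; the sample name, the table cell layout and the validation pattern are assumptions.

```php
<?php
// Added example: defending the doctor-facing rendering of a stored user name.

// Constructed sample of what a stored User Name could look like after a
// malicious edit on edit-profile.php (illustrative value, not from the record).
$storedName = "Alice <script>alert('XSS')</script>";

// UNSAFE (the CWE-79 pattern): the stored value is concatenated straight into
// HTML, so any markup it carries becomes part of the page the doctor's browser
// parses and executes.
function renderUnsafe(string $name): string {
    return "<td>" . $name . "</td>";
}

// SAFE: HTML-encode at the point of output. ENT_QUOTES also encodes both quote
// characters so the value stays inert inside attributes; ENT_SUBSTITUTE avoids
// silently returning an empty string on invalid UTF-8.
function renderSafe(string $name): string {
    return "<td>"
        . htmlspecialchars($name, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5, 'UTF-8')
        . "</td>";
}

// Server-side validation for the edit-profile step: accept only characters a
// display name legitimately needs. This pattern is an assumption; adjust it to
// the deployment's naming requirements rather than relying on it alone.
function isValidUserName(string $name): bool {
    return (bool) preg_match('/^[\p{L}\p{M}\' .\-]{1,100}$/u', $name);
}

// Defence in depth: a restrictive CSP so that an encoding gap elsewhere does not
// translate into inline script execution. Must be sent before any output.
function sendCsp(): void {
    header("Content-Security-Policy: default-src 'self'; script-src 'self'; "
        . "object-src 'none'; base-uri 'self'");
}

sendCsp();
// isValidUserName($storedName) is false, so this value should have been
// rejected at edit time; renderSafe() still neutralizes it if it was stored.
echo renderSafe($storedName);
```

Encoding at output is the fix that closes the reported flaw; validation and CSP reduce the impact if another rendering path is missed.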

