MidnightBSD

Advisories for md1health

CVE-2024-25435

A cross-site scripting (XSS) vulnerability in Md1health Md1patient v2.0.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Msg parameter.

Products Affected

Vendor Product Version
md1health md1patient 2.0.0
md1health md1patient 1.16.0