CVE-2022-3716

LOW

Oretnom23 Online Medicine Ordering System - XSS

Title source: rule

Description

A vulnerability classified as problematic was found in SourceCodester Online Medicine Ordering System 1.0. Affected by this vulnerability is an unknown functionality of the file /omos/admin/?page=user/list. The manipulation of the argument First Name/Middle Name/Last Name leads to cross site scripting. The attack can be launched remotely. The associated identifier of this vulnerability is VDB-212347.

References (1)

[Third Party Advisory] https://vuldb.com/?id.212347

Scores

CVSS v3 3.5

EPSS 0.0022

EPSS Percentile 45.0%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N

Details

CWE

CWE-79 CWE-707

Status published

Products (1)

oretnom23/online_medicine_ordering_system 1.0

Published Oct 27, 2022

Tracked Since Feb 18, 2026