CVE-2025-7148

A vulnerability was found in CodeAstro Simple Hospital Management System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /patient.html of the component POST Parameter Handler. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Multiple parameters might be affected.

Published: Jul 8, 2025
Updated: Jul 8, 2025
CVE: CVE-2025-7148
Severity: Low
Exploit:

CVSS v3:

Severity: Low
Score: 3.5
AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N

CWEs:

CWE-94
CWE-79

OWASP TOP 10:

A7 - Cross-Site Scripting (XSS)

Affected Software
References

No affected software listed.

https://codeastro.com/
https://github.com/Vanshdhawan188/Simple-Hospital-Management-System-in-Python-CodeAstro-Patients-Stored-XSS/blob/main/Simple%20Hospital%20Management%20System%20in%20Python%20CodeAstro%20Patients%20Stored%20XSS.md
https://vuldb.com/?ctiid.315086
https://vuldb.com/?id.315086
https://vuldb.com/?submit.606043

Vulnerability Database

290,476

CVE-2025-7148