CVE-2025-63514

kishan0725 Hospital Management System has a Cross-Site Scripting (XSS) vulnerability in appsearch.php via the email parameter.

CVSS v3 : MEDIUM

Vector :

Exploitability : 2.8 / Impact : 2.7

References

Link	Resource
https://github.com/NicatAliyevh/Zero-Days/blob/main/Hospital_Management_System_Stored_XSS.md	Exploit Third Party Advisory
https://github.com/kishan0725/Hospital-Management-System/issues/54	Issue Tracking Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:kishan0725:hospital_management_system:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2025-11-18 18:16

Updated : 2025-11-20 21:54

NVD link : CVE-2025-63514

Mitre link : CVE-2025-63514

CVE.ORG link : CVE-2025-63514

JSON object : View

Products Affected

kishan0725

CWE

CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')