Vulnerabilities

CVE-2025-45805

by Fred · 03/09/2025

In phpgurukul Doctor Appointment Management System 1.0, an authenticated doctor user can inject arbitrary JavaScript code into their profile name. This payload is subsequently rendered without proper sanitization, when a user visits the website and selects the doctor to book an appointment.

More information : https://github.com/mhsinj/CVE-2025-45805

Similar

Tags: Cybersecurity Alert