cvedb.io
CVE-2020-36011
MEDIUM · CVSS 4.8
EPSS exploitation probability: 0%
Published 2021-01-26T18:15:55.147 · Last modified 2026-07-09T01:16:46.127

Summary

A cross-site scripting (XSS) issue in Add Patient Form in QDOCS Smart Hospital Management System 3.1 allows a remote attacker to inject arbitrary code via the Name, Guardian Name, Email, Address, Remarks, or Any Known Allergies field.

Affected products

qdocs — smart_hospital

Does this affect you?

Add your gear to cvedb and we'll alert you only when qdocs ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.