CVE-2024-46238

5.9 MEDIUM

📋 TL;DR

This CVE describes multiple stored XSS vulnerabilities in PHPGurukul Hospital Management System 4.0. Attackers can inject malicious scripts via the docname parameter in doctor management pages, which execute when administrators view those pages. This affects all installations of PHPGurukul Hospital Management System 4.0.

💻 Affected Systems

Products:
  • PHPGurukul Hospital Management System
Versions: 4.0
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: Requires administrative access to exploit, but affects all default installations of version 4.0.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Administrator account compromise leading to full system takeover, patient data theft, or ransomware deployment across the hospital network.

🟠

Likely Case

Session hijacking of administrator accounts, defacement of hospital management system, or theft of sensitive patient information.

🟢

If Mitigated

Limited to minor data exposure if proper input validation and output encoding are implemented.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires administrative access to the system. Public proof-of-concept demonstrates the vulnerability.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: Unknown

Restart Required: No

Instructions:

No official patch available. Implement input validation and output encoding in /admin/add-doctor.php and /admin/edit-doctor.php files.

🔧 Temporary Workarounds

Input Validation and Output Encoding

all

Add proper input validation for docname parameter and implement output encoding in affected PHP files.

Edit /admin/add-doctor.php and /admin/edit-doctor.php to validate the docname parameter on input and HTML-encode it wherever it is rendered on output.
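The two halves of that fix in PHP, as an added example that is not PHPGurukul's code: an allow-list check on docname using the same pattern given in the WAF workaround on this page, and HTML-encoding on output so that records stored before the fix still render inertly. Function names and the sample inputs are assumptions.

```php
<?php
// Added example, not code from PHPGurukul HMS 4.0. Function names and the
// sample rows are assumptions; only the docname parameter and the allow-list
// pattern come from the advisory.

// Input side: accept only names matching the allow-list, bounded in length.
function validate_docname(string $raw): ?string
{
    $name = trim($raw);
    if ($name === '' || strlen($name) > 100) {
        return null;
    }
    // Same pattern as the WAF workaround; it rejects '<' and '>' outright.
    return preg_match('/^[a-zA-Z0-9\s\-\.,]+$/', $name) === 1 ? $name : null;
}

// Output side: encode for an HTML text context, every time.
// Input validation alone is not enough: rows stored before the fix, or
// written by another code path, must still be rendered safely.
function h(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES | ENT_HTML5, 'UTF-8');
}

// The vulnerable pattern behind this class of bug is rendering the stored
// value directly, e.g.  echo '<td>' . $row['docname'] . '</td>';
// The hardened equivalent:
function render_doctor_row(array $row): string
{
    return '<tr><td>' . h($row['docname']) . '</td></tr>';
}

// Constructed demonstration inputs (not real data).
$submissions = ['Dr. Jane Smith', "<script>alert('XSS')</script>"];
foreach ($submissions as $raw) {
    $ok = validate_docname($raw);
    echo ($ok === null ? 'REJECTED: ' : 'ACCEPTED: ') . h($raw) . "\n";
}

// A record stored before the fix is encoded at render time, so the
// script tag is shown as text rather than executed by the browser.
$legacy_row = ['docname' => "<script>alert('XSS')</script>"];
echo render_doctor_row($legacy_row) . "\n";
```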

WAF Rule Implementation

all

Deploy web application firewall rules to block XSS payloads targeting docname parameter.

Configure the WAF to allow only docname values matching the allow-list pattern ^[a-zA-Z0-9\s\-\.,]+$ and to block any request whose docname does not match. This is a stopgap: the application itself must still encode the value on output.

🧯 If You Can't Patch

  • Restrict administrative access to trusted IP addresses only
  • Implement Content Security Policy (CSP) headers that disallow inline scripts, limiting what an injected payload can execute even if it is stored

🔍 How to Verify

Check if Vulnerable:

Test by submitting a harmless probe such as <script>alert('XSS')</script> in the docname field of /admin/add-doctor.php, then view the resulting doctor record; if the alert fires, the installation is vulnerable.

Check Version:

Check system version in admin panel or review PHPGurukul documentation

Verify Fix Applied:

Verify that XSS payloads are properly sanitized and do not execute when viewing doctor records

📡 Detection & Monitoring

Log Indicators:

  • Unusual script tags in docname parameter logs
  • Multiple failed login attempts followed by successful admin login

Network Indicators:

  • HTTP POST requests to /admin/add-doctor.php or /admin/edit-doctor.php with script tags in parameters

SIEM Query:

source="web_logs" AND (uri_path="/admin/add-doctor.php" OR uri_path="/admin/edit-doctor.php") AND (param="docname" AND value MATCHES "<script>")

🔗 References
