CVE-2025-63514

6.1 MEDIUM

📋 TL;DR

The Hospital Management System by kishan0725 contains a stored cross-site scripting (XSS) vulnerability in appsearch.php: the email parameter is written into the page without validation or output encoding. An attacker who can submit a value for that parameter can store a script payload that later runs in the browser of every user who views the affected page, in that user's session. All versions without the fix are affected.

💻 Affected Systems

Products:
  • kishan0725 Hospital Management System
Versions: All versions prior to fix
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: The vulnerability exists in the default installation and configuration.


⚠️ Risk & Real-World Impact

🔴 Worst Case

The stored script runs in the browser of every user who views the page, staff included: it can steal session cookies (where they are not marked HttpOnly), redirect users to a phishing site, deface the application, or perform actions in the victim's authenticated session.

🟠 Likely Case

An attacker injects a script that harvests credentials or session tokens from users who view the page, leading to account takeover.

🟢 If Mitigated

With the email parameter validated on the server and every value HTML-encoded at output time, including values read back from the database, the risk is minimal: an injected payload is rendered as literal text instead of being executed.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires only that the attacker can submit a value for the vulnerable email parameter. Because the payload is stored, it executes later for every user who views the page that renders it, with no further action from the attacker.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: https://github.com/kishan0725/Hospital-Management-System/issues/54

Restart Required: No

Instructions:

1. Review the GitHub issue for the official fix.
2. In appsearch.php, validate the email parameter on the server (reject anything that does not parse as an email address) and HTML-encode every value written into the page, including values read back from the database.
3. Apply the same validation and output encoding to all other user input the application renders.

🔧 Temporary Workarounds

Input Validation and Sanitization

Applies to: all

Validate the email parameter on the server and HTML-encode it wherever appsearch.php writes it into the page.

Modify appsearch.php to reject values that are not a syntactically valid email address and to encode the value at output. Output encoding is the part that neutralises a stored payload; validation alone does not protect values that were stored before the check existed.

Content Security Policy

Applies to: all

Add a Content-Security-Policy header that disallows inline scripts (a script-src without 'unsafe-inline', or one using nonces).

CSP limits what an injected payload can do but does not remove the vulnerability, and any inline scripts the application itself relies on will break under a strict policy; treat it as defence in depth, not as the fix.
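The following is an added example, not code from this page or from the kishan0725 project, showing the shape of a hardened handler for the email search in appsearch.php: server-side validation with filter_var, a parameterised query, and htmlspecialchars on every value written into the page, including rows read back from the database, which is what defuses a payload that is already stored. The `appointment` table, its `email` column, the `$pdo` connection and the `email` POST field are assumptions; check them against the installed code.

```php
<?php
// Added example (not the project's code). Assumptions: PHP 8, a PDO
// connection in $pdo, an `appointment` table with an `email` column,
// and the search form posting the address in a field named "email".
declare(strict_types=1);

// Vulnerable pattern this replaces (illustrative, not quoted from the project):
//   echo "<p>Results for " . $_POST['email'] . "</p>";
// The raw value lands in the HTML, so <script>...</script> executes.

/**
 * Validate the submitted address. Returns the trimmed address or null.
 * This narrows the input (quoted local parts can still carry odd
 * characters, so it is not the primary XSS control); h() below is.
 */
function validate_email(?string $raw): ?string
{
    if ($raw === null) {
        return null;
    }
    $candidate = trim($raw);
    if ($candidate === '' || strlen($candidate) > 254) {
        return null;
    }
    $valid = filter_var($candidate, FILTER_VALIDATE_EMAIL);
    return $valid === false ? null : $valid;
}

/**
 * Encode a value for an HTML text node or a double-quoted attribute.
 * ENT_QUOTES also encodes ' and "; ENT_SUBSTITUTE replaces invalid UTF-8
 * instead of returning an empty string (which would silently drop data).
 */
function h(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

/** Build the results fragment for appsearch.php from the raw form value. */
function render_appointment_search(PDO $pdo, ?string $rawEmail): string
{
    $email = validate_email($rawEmail);
    if ($email === null) {
        // Fixed message: the rejected input is never echoed back.
        return '<p class="error">Please enter a valid email address.</p>';
    }

    // Parameterised query: the value is bound as data, never spliced into SQL.
    $stmt = $pdo->prepare('SELECT * FROM appointment WHERE email = :email');
    $stmt->execute([':email' => $email]);

    $html = '<p>Appointments for ' . h($email) . '</p>' . "\n<table>\n";
    foreach ($stmt->fetchAll(PDO::FETCH_ASSOC) as $row) {
        $html .= '<tr>';
        // Encode every cell at output time. This is the control that defuses
        // a *stored* payload: a script tag saved earlier renders as text.
        foreach ($row as $cell) {
            $html .= '<td>' . h((string) $cell) . '</td>';
        }
        $html .= "</tr>\n";
    }
    return $html . '</table>';
}

// Usage inside appsearch.php (assumed form field name). The is_string guard
// keeps a crafted email[]=... submission from reaching the typed parameter.
//   $raw = is_string($_POST['email'] ?? null) ? $_POST['email'] : null;
//   echo render_appointment_search($pdo, $raw);
```

The encoding happens in one place, at output, rather than by stripping tags on input: stripping is easy to bypass and does nothing for rows that were stored before the fix, while encoding every rendered value protects both.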

🧯 If You Can't Patch

  • Put a web application firewall (WAF) with XSS rules in front of the application, as a stopgap only: encoded and tag-free payloads routinely bypass signature rules
  • Disable or restrict access to appsearch.php at the web server (for example by IP or authentication) until the fix is applied

🔍 How to Verify

Check if Vulnerable:

On an instance you are authorised to test, submit a harmless marker in the email parameter of appsearch.php, for example a unique string wrapped in a tag such as <b>xsstest123</b>, then view the page that renders the submitted value and inspect its HTML source. If the tag appears unencoded (not as &lt;b&gt;), the parameter is not output-encoded and the vulnerability is present. Use a marker rather than a script payload so the test leaves nothing executable stored in a shared database.

Check Version:

Check the system version through the application interface or source code metadata. If the installation carries no version string, compare the installed appsearch.php against the repository copy referenced in the GitHub issue.

Verify Fix Applied:

Repeat the marker test after patching: the submitted value should appear in the page source HTML-encoded (&lt;b&gt;xsstest123&lt;/b&gt;) and must not render as markup. Also check values that were stored before the fix, since output encoding, not input validation, is what protects them.

📡 Detection & Monitoring

Log Indicators:

  • Unusual email parameter values containing script tags or JavaScript in appsearch.php requests

Network Indicators:

  • HTTP requests to appsearch.php with suspicious email parameters

SIEM Query:

source="web_logs" AND uri="/appsearch.php" AND (email CONTAINS "<script>" OR email CONTAINS "javascript:")

Caveat: this matches only literal, lowercase tags. Web server access logs store the query string as the client sent it, URL-encoded (<script> arrives as %3Cscript%3E), so decode the field before matching or add the encoded forms, and also match mixed case and tag-free payloads such as onerror= handlers. If the form submits the email by POST, the value is in the request body and does not appear in a standard access log at all; application or WAF logging is needed to see it.
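The following PHP CLI script is an added example, not from this page or the project, that applies the detection logic above to access-log lines with the decoding and case-folding a literal SIEM match lacks. The log format (Apache combined), the `/hms/` path prefix and the sample lines are constructed for the example; it only sees GET requests, since a POST body is not in the access log.

```php
<?php
// Added example, not from the page or the project. Scans access-log lines
// (Apache combined format assumed) for XSS payloads in the email parameter
// of appsearch.php. Sample lines below are constructed, not real traffic.
// Requires PHP 8 (str_contains, str_ends_with).
declare(strict_types=1);

// Request-line fields we need from a combined-format log entry.
const LOG_PATTERN = '/^(?<ip>\S+) \S+ \S+ \[(?<time>[^\]]+)\] "(?<method>[A-Z]+) (?<uri>\S+)[^"]*" (?<status>\d{3})/';

// Matched after decoding and lower-casing, so they also catch %3Cscript%3E,
// <ScRiPt> and payloads with no <script> element at all.
const XSS_SIGNATURES = [
    '<script', 'javascript:', '<svg', '<img', '<iframe',
    'onerror=', 'onload=', 'onmouseover=', 'document.cookie',
];

/** Undo the encodings an attacker uses to slip past a literal match. */
function normalise(string $value): string
{
    $decoded = rawurldecode(rawurldecode($value));                          // %3C and %253C
    $decoded = html_entity_decode($decoded, ENT_QUOTES | ENT_HTML5, 'UTF-8'); // &lt;
    return strtolower($decoded);
}

/** Return the email query parameter from a request URI, or null. */
function email_param(string $uri): ?string
{
    $query = parse_url($uri, PHP_URL_QUERY);
    if (!is_string($query)) {
        return null;
    }
    parse_str($query, $params);                                             // decodes once
    return isset($params['email']) && is_string($params['email']) ? $params['email'] : null;
}

/** Return a finding for one log line, or null if it is not suspicious. */
function scan_line(string $line): ?array
{
    if (!preg_match(LOG_PATTERN, $line, $m)) {
        return null;
    }
    $path = parse_url($m['uri'], PHP_URL_PATH);
    if (!is_string($path) || !str_ends_with($path, '/appsearch.php')) {
        return null;                                                        // other endpoints
    }
    $email = email_param($m['uri']);
    if ($email === null) {
        return null;                          // no query value: a POST body is not in this log
    }
    $norm = normalise($email);
    $hits = array_values(array_filter(
        XSS_SIGNATURES,
        fn(string $sig): bool => str_contains($norm, $sig)
    ));
    return $hits === [] ? null : [
        'ip' => $m['ip'], 'time' => $m['time'], 'method' => $m['method'],
        'email' => $email, 'signatures' => $hits,
    ];
}

/** Scan many lines; returns only the findings, reindexed from 0. */
function scan_lines(array $lines): array
{
    return array_values(array_filter(array_map('scan_line', $lines)));
}

// Constructed sample traffic: one benign search, a plain encoded <script>
// payload, a mixed-case tag-free payload, a hit on another endpoint, and a POST.
$sample = [
    '203.0.113.7 - - [10/Nov/2025:10:01:02 +0000] "GET /hms/appsearch.php?email=alice%40example.com HTTP/1.1" 200 812',
    '203.0.113.9 - - [10/Nov/2025:10:01:10 +0000] "GET /hms/appsearch.php?email=%3Cscript%3Ealert(1)%3C%2Fscript%3E HTTP/1.1" 200 900',
    '203.0.113.9 - - [10/Nov/2025:10:01:18 +0000] "GET /hms/appsearch.php?email=x%22%3E%3CImG%20src%3Dx%20OnError%3Dalert(1)%3E HTTP/1.1" 200 900',
    '198.51.100.4 - - [10/Nov/2025:10:02:00 +0000] "GET /hms/index.php?email=%3Cscript%3E HTTP/1.1" 200 500',
    '203.0.113.9 - - [10/Nov/2025:10:03:00 +0000] "POST /hms/appsearch.php HTTP/1.1" 200 900',
];

foreach (scan_lines($sample) as $finding) {
    echo json_encode($finding), PHP_EOL;
}
```

Run it with `php scan.php`. Only the two requests carrying payloads are reported; the index.php request is outside the vulnerable endpoint and the POST line carries no parameter in the access log, which is exactly the blind spot to close with application-level logging.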
