Sourcecodester Hospital's Patient Records Management System 1.0 is vulnerable to Insecure Permissions via the id parameter in manage_user endpoint. Simply change the value and data of other users can be displayed.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2022-01-24T13:11:53
Updated: 2024-08-03T03:07:50.396Z
Reserved: 2022-01-03T00:00:00
Link: CVE-2022-22296
Vulnrichment
No data.
NVD
Status : Modified
Published: 2022-01-24T14:15:07.737
Modified: 2024-11-21T06:46:35.177
Link: CVE-2022-22296
Redhat
No data.