CVE-2022-22851 in Hospital Patient Records Management System
Summary
by MITRE • 01/26/2022
A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodtester Hospital's Patient Records Management System 1.0 via the specialization parameter in doctors.php
Once again VulDB remains the best source for vulnerability data.
Analysis
by VulDB Data Team • 05/26/2026
The stored cross site scripting vulnerability identified as CVE-2022-22851 represents a critical security flaw within the Sourcecodtester Hospital Patient Records Management System version 1.0. This vulnerability specifically manifests through the specialization parameter within the doctors.php file, creating an avenue for malicious actors to inject persistent malicious scripts into the application's database. The flaw enables attackers to execute arbitrary JavaScript code within the context of other users' browsers, potentially compromising the confidentiality and integrity of sensitive patient data. The vulnerability stems from inadequate input validation and output encoding mechanisms that fail to properly sanitize user-supplied data before storing and rendering it within the web application interface.
The technical exploitation of this XSS vulnerability occurs when an attacker crafts malicious script code and submits it through the specialization parameter field during doctor registration or profile modification processes. The system stores this malicious input without proper sanitization, subsequently retrieving and executing the script when other users view the doctor profiles. This stored nature of the vulnerability means the malicious payload persists in the database and affects multiple users who access the affected pages. The CWE-79 classification applies here as the application fails to properly encode output data, creating an environment where attacker-controllable data can be interpreted as executable code rather than static text. The vulnerability demonstrates poor application security practices in data sanitization and input validation, particularly concerning the handling of user-controllable parameters that directly influence web page content generation.
From an operational standpoint, this vulnerability presents significant risks to healthcare organizations utilizing the affected system. The stored XSS attack could enable attackers to steal session cookies, redirect users to malicious sites, or perform actions on behalf of authenticated users with elevated privileges. Given that this affects a hospital patient records management system, the potential impact extends beyond simple data theft to include patient privacy breaches, regulatory compliance violations, and potential healthcare fraud. The attack vector through the doctors.php file suggests that medical professionals' profiles could be compromised, potentially affecting the integrity of medical staff information and creating opportunities for impersonation attacks. Security frameworks such as the ATT&CK matrix categorize this under initial access and persistence techniques, where attackers establish footholds through web application vulnerabilities to maintain long-term access to sensitive healthcare environments.
Organizations should implement comprehensive mitigation strategies addressing this vulnerability through multiple defensive layers. Input validation must be strengthened at both client and server-side levels, ensuring all user-controllable parameters undergo rigorous sanitization before database storage. Output encoding mechanisms should be implemented to prevent malicious scripts from executing when rendered in web browsers, particularly for dynamic content generated from database records. The system should employ Content Security Policy headers to restrict script execution and prevent unauthorized code injection. Regular security assessments and penetration testing should be conducted to identify similar vulnerabilities within healthcare applications, as the healthcare sector remains a prime target for cyber attacks due to the sensitive nature of patient data. Additionally, implementing web application firewalls and monitoring for suspicious parameter values can help detect and prevent exploitation attempts before they succeed in compromising the system.