Submit #602323: CodeAstro Health Center Patient Record Management System 1.0 Cross-Site Request Forgeryinfo

Title	CodeAstro Health Center Patient Record Management System 1.0 Cross-Site Request Forgery
Description	A Cross-Site Request Forgery (CSRF) vulnerability was identified in the viewRecord.php endpoint of the PRMS system. This flaw allows an attacker to force an authenticated user to submit crafted POST data, resulting in unauthorized actions such as searching records without their knowledge.
Source	⚠️ https://github.com/Vanshdhawan188/CodeAstro-Online-Healthcare-Patient-Record-Management-System-CSRF/blob/main/CodeAstro-Online-Healthcare-Patient-Record-Management-System-CSRF.md
User	Subhash Paudel (UID 66830)
Submission	06/22/2025 11:32 (10 months ago)
Moderation	06/25/2025 16:44 (3 days later)
Status	Accepted
VulDB entry	313878 [CodeAstro Patient Record Management System 1.0 cross-site request forgery]
Points	17