
Our sensors found this exploit at: https://cxsecurity.com/ascii/WLB-2023030031

Below is a copy:

Smart Hospital : Hospital Management System - Multiple XSS
# Title: Smart Hospital : Hospital Management System - Multiple XSS
# Author: @Eawhitehat - Eren Arslan
# Demo available : https://demo.smart-hospital.in/frontend
# CVE: N/A
# XSS
# Screenshot : https://prnt.sc/2vL46MTZ3ktK

Used Payload :
}}</script><script>alert(/eawhitehat is here/);</script></body></html><!--

Method :
Connect to panel with "SUPER ADMIN" : https://demo.smart-hospital.in/site/login#

# Vulnerability

1. After login with SUPER ADMIN, go to https://demo.smart-hospital.in/admin/visitors#
2. Add "New Visitor" and paste the payload in category NAME and NOTE
3. Reload the Category List page and welcome your XSS 


Affected pages :
All pages !
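
Defensive note, added here and not part of the original report: the payload's leading `}}</script>` suggests the stored NAME and NOTE values are emitted both as HTML and inside an inline script block, which is an assumption about the template. The sketch below shows context-aware output encoding for both contexts; the function names and the sample record are hypothetical.

```javascript
// Added example: context-aware output encoding for stored fields.
// Function names and the template shape are assumptions, not the product's code.

const HTML_ESCAPES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };

// For values placed in HTML element content or quoted attributes.
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

const JS_ESCAPES = {
  '<': '\\u003c', '>': '\\u003e', '&': '\\u0026',
  '\u2028': '\\u2028', '\u2029': '\\u2029',
};

// For values placed inside an inline <script> block as data.
// JSON.stringify quotes the value; the second pass rewrites every "<", so the
// HTML parser never sees "</script>" or "<!--" inside the script element.
function jsonForScript(value) {
  return JSON.stringify(value).replace(/[<>&\u2028\u2029]/g, (ch) => JS_ESCAPES[ch]);
}

// Render one table row plus an inline data block (assumed template shape).
function renderVisitor(record) {
  return [
    `<tr><td>${escapeHtml(record.name)}</td><td>${escapeHtml(record.note)}</td></tr>`,
    `<script>var visitor = ${jsonForScript(record)};</script>`,
  ].join('\n');
}

// The script-side value must still equal the stored string after encoding.
function roundTrip(value) {
  return JSON.parse(jsonForScript(value));
}

// Constructed record reusing the payload quoted in the report above.
const PAYLOAD = '}}</script><script>alert(/eawhitehat is here/);</script></body></html><!--';
const sample = { name: PAYLOAD, note: PAYLOAD };

console.log(renderVisitor(sample));
```

The rendered output contains exactly one script element, and the stored text is displayed as literal characters rather than parsed as markup.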
