Publish Advisories

GHSA-83qv-wv7h-8rvp GHSA-xmrx-vg29-jh4h
github · Dec 27, 2024 · 36e2fd0 · 36e2fd0
1 parent 643261c
commit 36e2fd0
Show file tree

Hide file tree

Showing 2 changed files with 61 additions and 1 deletion.
diff --git a/advisories/unreviewed/2024/12/GHSA-83qv-wv7h-8rvp/GHSA-83qv-wv7h-8rvp.json b/advisories/unreviewed/2024/12/GHSA-83qv-wv7h-8rvp/GHSA-83qv-wv7h-8rvp.json
@@ -0,0 +1,56 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-83qv-wv7h-8rvp",
+  "modified": "2024-12-27T09:30:47Z",
+  "published": "2024-12-27T09:30:47Z",
+  "aliases": [
+    "CVE-2024-12983"
+  ],
+  "details": "A vulnerability classified as problematic has been found in code-projects Hospital Management System 1.0. This affects an unknown part of the file /hospital/hms/admin/manage-doctors.php of the component Edit Doctor Details Page. The manipulation of the argument Doctor Name leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N"
+    },
+    {
+      "type": "CVSS_V4",
+      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-12983"
+    },
+    {
+      "type": "WEB",
+      "url": "https://code-projects.org"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/Rocky-Bull/myCVE/blob/main/Hospital_Management_System_XSS.md"
+    },
+    {
+      "type": "WEB",
+      "url": "https://vuldb.com/?ctiid.289359"
+    },
+    {
+      "type": "WEB",
+      "url": "https://vuldb.com/?id.289359"
+    },
+    {
+      "type": "WEB",
+      "url": "https://vuldb.com/?submit.469215"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-79"
+    ],
+    "severity": "MODERATE",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2024-12-27T07:15:11Z"
+  }
+}
diff --git a/advisories/unreviewed/2024/12/GHSA-xmrx-vg29-jh4h/GHSA-xmrx-vg29-jh4h.json b/advisories/unreviewed/2024/12/GHSA-xmrx-vg29-jh4h/GHSA-xmrx-vg29-jh4h.json
@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-xmrx-vg29-jh4h",
-  "modified": "2024-12-19T15:31:11Z",
+  "modified": "2024-12-27T09:30:47Z",
   "published": "2024-12-19T15:31:11Z",
   "aliases": [
     "CVE-2024-12782"
@@ -38,6 +38,10 @@
     {
       "type": "WEB",
       "url": "https://vuldb.com/?submit.458897"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.fujifilm.com/fbglobal/eng/company/news/notice/2024/1226_announce.html"
     }
   ],
   "database_specific": {