CVE-2020-22167

PHPGurukul Hospital Management System in PHP v4.0 has a Persistent Cross-Site Scripting vulnerability in \hms\admin\appointment-history.php. Remote registered users can exploit the vulnerability to obtain user cookie data. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt