CVEs-PoC/2020/CVE-2020-16218.md

CVE-2020-16218

Description

In Patient Information Center iX (PICiX) Versions B.02, C.02, C.03, the software does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is then used as a webpage and served to other users. Successful exploitation could lead to unauthorized access to patient data via a read-only web application.

POC

Reference

No PoCs from references.

Github

• https://github.com/404notf0und/CVE-Flow