CVE-2026-11512 PUBLISHED

A security vulnerability has been detected in itsourcecode Hospital Management System 1.0. This issue affects some unknown processing of the file /billing.php. The manipulation of the argument patientid leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed publicly and may be used.

• Aki123 (VulDB User) reporter

• VDB-369132 | itsourcecode Hospital Management System billing.php cross site scripting
• VDB-369132 | CTI Indicators (IOB, IOC, TTP, IOA)
• CVE-2026-11512 | CVE Analysis and Report
• Submit #836161 | itsourcecode Hospital Management System V1.0 Cross Site Scripting
• https://github.com/ltranquility/vuln_submit/issues/13
• https://itsourcecode.com/

• Cross Site Scripting CWE
• Code Injection CWE