← Back

CVE-2025-63513

nvd nist
Published: Nov 18, 2025Modified: Nov 20, 2025

JSON object

Loading...
6.5
Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Exploitability: 2.8 / Impact: 3.6
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)

Description

kishan0725 Hospital Management System v4 has an Insecure Direct Object Reference (IDOR) vulnerability in the appointment cancellation functionality.

Affected (1)

Kishan0725
1 product
Hospital Management System
Configuration A
1 vulnerable
Vulnerable SoftwareAffected Versions
Hospital Management System
Version 4.0

Related CWEs

CWE-639
Authorization Bypass Through User-Controlled Key
The system's authorization functionality does not prevent one user from gaining access to another user's data or record by modifying the key value identifying the data.

References (3)

Source: cve@mitre.org
ExploitThird Party Advisory
Source: cve@mitre.org
Issue TrackingVendor Advisory
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
Issue TrackingVendor Advisory

Timeline

No history available yet.