
CVE-2025-9746: Cross Site Scripting in Campcodes Hospital Management System

Medium
Tags: Vulnerability | CVE-2025-9746
Published: Sun Aug 31 2025 (08/31/2025, 21:02:06 UTC)
Source: CVE Database V5
Vendor/Project: Campcodes
Product: Hospital Management System

Description

A vulnerability was detected in Campcodes Hospital Management System 1.0. This affects an unknown function of the file /admin/edit-doctor-specialization.php of the component Edit Doctor Specialization Page. The manipulation results in cross site scripting. The attack may be launched remotely. The exploit is now public and may be used.

AI-Powered Analysis

Last updated: 08/31/2025, 21:32:45 UTC

Technical Analysis

CVE-2025-9746 is a cross-site scripting (XSS) vulnerability identified in version 1.0 of the Campcodes Hospital Management System, specifically within the /admin/edit-doctor-specialization.php file of the Edit Doctor Specialization Page component. The vulnerability arises from insufficient input validation or output encoding in an unknown function of this page, allowing an attacker to inject scripts that run in the browser of whoever views the affected page. The vulnerability can be exploited remotely without authentication, but requires user interaction, such as an administrator visiting a crafted URL or page. The CVSS 4.0 vector indicates a network attack vector (AV:N), low attack complexity (AC:L), high privileges required (PR:H), user interaction required (UI:P), no impact on confidentiality or availability, and low impact on integrity. Note that PR:H conflicts with the unauthenticated exploitation described above; this is most likely a discrepancy between the vector and the narrative description. The exploit is publicly available, increasing the risk of exploitation, although no exploitation in the wild has been reported yet. The medium severity rating reflects the vulnerability's potential to execute arbitrary scripts in the context of an administrative user, potentially leading to session hijacking, unauthorized actions, or further compromise of the hospital management system. Given the sensitivity of healthcare data and the administrative context, this vulnerability poses a significant risk to system integrity and user trust.

Potential Impact

For European organizations, particularly healthcare providers using Campcodes Hospital Management System 1.0, this vulnerability could lead to unauthorized execution of scripts within the administrative interface. This may result in session hijacking, unauthorized modification of doctor specializations or other sensitive data, and potential pivoting to other parts of the hospital network. The exposure of administrative credentials or session tokens could compromise patient data confidentiality indirectly, even though the vulnerability itself does not directly impact confidentiality. Disruption or manipulation of hospital management functions could affect healthcare delivery and compliance with GDPR, leading to legal and reputational consequences. The public availability of the exploit increases the urgency for European healthcare organizations to address this vulnerability promptly.

Mitigation Recommendations

1. Apply patches or updates from Campcodes as soon as they are available; if no patch is currently available, implement virtual patching via a web application firewall (WAF) to detect and block malicious payloads targeting /admin/edit-doctor-specialization.php.
2. Enforce strict input validation and output encoding on all user inputs in the affected component, especially sanitizing inputs that are reflected in the admin interface.
3. Limit administrative access to the hospital management system via network segmentation and VPNs to reduce exposure to remote attacks.
4. Implement multi-factor authentication (MFA) for administrative accounts to mitigate the impact of session hijacking.
5. Monitor logs for unusual activity related to the Edit Doctor Specialization page and conduct regular security audits.
6. Educate administrative users about the risks of clicking on untrusted links or opening suspicious content that could trigger the XSS payload.
7. Deploy Content Security Policy (CSP) headers to restrict the execution of unauthorized scripts within the admin interface.
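The following is an added illustration of mitigation items 2 and 7 (output encoding plus a CSP header) in the form of a hypothetical PHP admin form handler. It is not the Campcodes code and does not reproduce the affected page; the parameter name `specialization`, the validation rule, and the form layout are assumptions chosen for the example.

```php
<?php
// Added example: a hypothetical admin form handler, NOT the Campcodes code.
// It demonstrates the output-encoding and CSP practices from the mitigation
// list. The parameter name 'specialization' and the form are assumptions.

declare(strict_types=1);

// Mitigation 7: only same-origin script files may run. Even if a reflected
// value ends up in the HTML body, inline <script> and on* handlers are blocked.
header("Content-Security-Policy: default-src 'self'; script-src 'self'; object-src 'none'; base-uri 'self'");
header('X-Content-Type-Options: nosniff');
header('Content-Type: text/html; charset=UTF-8');

/**
 * Encode a value for insertion into an HTML text node or attribute value.
 * ENT_QUOTES covers both quote styles; ENT_SUBSTITUTE keeps invalid UTF-8
 * from silently producing an empty string.
 */
function h(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5, 'UTF-8');
}

/**
 * Mitigation 2 (input side): accept only what a specialization name can be.
 * Returns null when the value does not match so the caller can reject it.
 * The allowed character set and length are assumptions for this example.
 */
function validateSpecialization(string $raw): ?string
{
    $trimmed = trim($raw);
    // Letters (including accented), combining marks, spaces, hyphens,
    // apostrophes; between 2 and 64 characters.
    if (preg_match('/^[\p{L}\p{M}\' \-]{2,64}$/u', $trimmed) !== 1) {
        return null;
    }
    return $trimmed;
}

$raw = $_GET['specialization'] ?? '';
if (!is_string($raw)) {
    $raw = ''; // arrays or other non-string query values are discarded
}
$specialization = ($raw === '') ? '' : validateSpecialization($raw);

// Unsafe pattern this vulnerability class describes: reflecting raw input.
//   echo '<input name="specialization" value="' . $raw . '">';
// Safe pattern below: validate on input, then encode at the point of output.
?>
<!doctype html>
<html lang="en">
<head><meta charset="utf-8"><title>Edit Doctor Specialization</title></head>
<body>
<?php if ($specialization === null): ?>
  <p>Invalid specialization value; please enter 2 to 64 letters.</p>
<?php else: ?>
  <form method="post" action="edit-doctor-specialization.php">
    <label>Specialization
      <input name="specialization" value="<?= h($specialization) ?>">
    </label>
    <button type="submit">Save</button>
  </form>
<?php endif; ?>
</body>
</html>
```

Validation and encoding serve different purposes and both belong in the fix: the allow-list rejects values that cannot be legitimate specialization names, while `h()` guarantees that whatever does reach the template cannot break out of the attribute it is written into. The CSP header is a defence-in-depth layer for any reflection point the code review missed; it does not replace encoding, because a policy that has to allow `'unsafe-inline'` for legacy scripts would no longer block an injected handler.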


Technical Details

Data Version: 5.1
Assigner Short Name: VulDB
Date Reserved: 2025-08-30T16:56:27.084Z
CVSS Version: 4.0
State: PUBLISHED

Threat ID: 68b4bbf4ad5a09ad00c1d425

Added to database: 8/31/2025, 9:17:40 PM

Last enriched: 8/31/2025, 9:32:45 PM

Last updated: 9/1/2025, 8:02:45 AM
