Single Sign On Portal System
Monthly
WellChoose's Single Sign-On Portal System contains a reflected cross-site scripting vulnerability that allows authenticated attackers to inject malicious JavaScript into user browsers through social engineering. An attacker could leverage this to steal session tokens, credentials, or perform actions on behalf of targeted users. A patch is not currently available; mitigation requires input validation and output encoding controls.
WellChoose's Single Sign-On Portal System contains an OS command injection vulnerability that allows authenticated users to execute arbitrary commands on the affected server. Attackers with valid credentials can exploit this flaw to achieve remote code execution with full system privileges. No patch is currently available for this high-severity vulnerability.
The WellChoose Single Sign-On Portal System contains an OS command injection vulnerability that allows authenticated users to execute arbitrary commands on the affected server. An attacker with valid credentials can bypass input validation to inject malicious OS commands, achieving full system compromise with high impact to confidentiality, integrity, and availability. No patch is currently available for this vulnerability.
WellChoose's Single Sign-On Portal System contains a reflected cross-site scripting vulnerability that allows authenticated attackers to inject malicious JavaScript into user browsers through social engineering. An attacker could leverage this to steal session tokens, credentials, or perform actions on behalf of targeted users. A patch is not currently available; mitigation requires input validation and output encoding controls.
WellChoose's Single Sign-On Portal System contains an OS command injection vulnerability that allows authenticated users to execute arbitrary commands on the affected server. Attackers with valid credentials can exploit this flaw to achieve remote code execution with full system privileges. No patch is currently available for this high-severity vulnerability.
The WellChoose Single Sign-On Portal System contains an OS command injection vulnerability that allows authenticated users to execute arbitrary commands on the affected server. An attacker with valid credentials can bypass input validation to inject malicious OS commands, achieving full system compromise with high impact to confidentiality, integrity, and availability. No patch is currently available for this vulnerability.