CVE-2021-27317

Cross Site Scripting (XSS) vulnerability in contactus.php in Doctor Appointment System 1.0 allows remote attackers to inject arbitrary web script or HTML via the comment parameter. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt