Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
7.1
QuanticaLabs MediCenter: Malicious Code Can Be Injected via Reflected Attack
CVE-2026-28137
Summary
A security issue in QuanticaLabs MediCenter's web interface allows attackers to inject malicious code into the application. This could potentially allow them to steal sensitive information or take control of user sessions. Update to a fixed version of MediCenter to protect against this risk.
Original title
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in QuanticaLabs MediCenter - Health Medical Clinic medicenter allows Reflected XSS.This issue affe...
Original description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in QuanticaLabs MediCenter - Health Medical Clinic medicenter allows Reflected XSS.This issue affects MediCenter - Health Medical Clinic: from n/a through <= 14.9.
nvd CVSS3.1
7.1
Vulnerability type
CWE-79
Cross-site Scripting (XSS)
Published: 5 Mar 2026 · Updated: 13 Mar 2026 · First seen: 6 Mar 2026