A vulnerability, which was classified as problematic, was found in RemoteClinic up to 2.0. This vulnerability affects unknown code of the file /staff/edit.php. Executing manipulation of the argument Last Name can lead to cross site scripting.

This vulnerability is tracked as CVE-2025-9773. The attack can be launched remotely. Moreover, an exploit is present.