Innocence3130

**Name of the Vulnerable Software and Affected Versions** itsourcecode Payroll Management System version 1.0 **Description** A flaw exists in itsourcecode Payroll Management System that allows for cross site scripting. The issue is related to the manipulation of the `ID` argument within an unknown function of the `/manage employee allowances.php` file. This manipulation can be carried out remotely. The exploit for this issue has been publicly disclosed. **Recommendations** Apply a fix for itsourcecode Payroll Management System version 1.0. As a temporary workaround, consider restricting access to the `/manage employee allowances.php` file.