Pipizzz

**Name of the Vulnerable Software and Affected Versions** itsourcecode University Management System version 1.0 **Description** A flaw exists in itsourcecode University Management System that allows for cross site scripting. This issue is related to an unknown functionality within the `/view result.php` file. Manipulating the `vr` argument can trigger the flaw, allowing for remote execution of attacks. The exploit for this issue has been publicly disclosed. **Recommendations** Versions prior to 1.0 should be updated. As a temporary workaround, consider restricting access to the `/view result.php` file to minimize the risk of exploitation. Avoid manipulating the `vr` argument in the affected API endpoint until the issue is resolved.