PT-2023-22801 · Code Projects · Agro-School Management System

Zhangwang · Published 2023-06-02 · Updated 2024-05-17 · CVE-2023-3060

CVSS v3.1: 5.4 (Medium)

Vector: AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions

code-projects Agro-School Management System version 1.0

Description

A vulnerability has been found in the code-projects Agro-School Management System, affecting the function doAddQuestion of the file btn functions.php. The manipulation of the argument Question leads to cross-site scripting. The attack can be initiated remotely.

Recommendations

For version 1.0, consider disabling the doAddQuestion function until a patch is available to prevent cross-site scripting attacks. Restrict access to the btn functions.php file to minimize the risk of exploitation. Avoid using the Question argument in the affected function until the issue is resolved.

Exploit

Fix

XSS


Weakness Enumeration

Related Identifiers

CVE-2023-3060

Affected Products

Agro-School Management System