Ajmal

**Name of the Vulnerable Software and Affected Versions** PHPGURUKUL Online Birth Certificate System version 1.0 **Description** A Stored Cross-Site Scripting (XSS) issue was identified in the PHPGURUKUL Online Birth Certificate System. The issue arises via the profile name to the "/user/certificate-form.php" API endpoint. This allows for potential malicious script execution. **Recommendations** For PHPGURUKUL Online Birth Certificate System version 1.0, consider disabling the profile name field in the "/user/certificate-form.php" endpoint until a patch is available to prevent exploitation of the Stored Cross-Site Scripting issue.