Arunmodi

**Name of the Vulnerable Software and Affected Versions** Codeastro Bus Ticket Booking System version 1.0 **Description** A Cross-Site Scripting (XSS) issue exists in the User Registration and User Profile features, allowing an attacker to execute arbitrary code in the `Full Name` and `Address` fields during user registration or profile editing. **Recommendations** For Codeastro Bus Ticket Booking System version 1.0, consider disabling the User Registration and User Profile editing features until a patch is available to prevent exploitation of the XSS issue. Restrict access to the `Full Name` and `Address` fields to minimize the risk of arbitrary code execution. At the moment, there is no information about a newer version that contains a fix for this vulnerability.