Unknown · Qdocs Smart School Management System · CVE-2026-4991
**Name of the Vulnerable Software and Affected Versions**
QDOCS Smart School Management System versions up to 7.2
**Description**
A cross site scripting issue exists in QDOCS Smart School Management System. The issue is located in the Admission Enquiry Module, specifically within the `/admin/enquiry` file. Manipulating the `Note` argument can trigger the issue. The attack can be carried out remotely.
**Recommendations**
Versions prior to 7.2 should be updated.