Erictee2802

**Name of the Vulnerable Software and Affected Versions** SourceCodester Student Result Management System version 1.0 **Description** A problematic issue was found in the Profile Setting Page component, specifically affecting an unknown part of the file `/script/academic/core/update profile`. This leads to cross-site scripting and can be initiated remotely. The issue has been publicly disclosed. **Recommendations** For SourceCodester Student Result Management System version 1.0, consider disabling access to the `/script/academic/core/update profile` file until a patch is available. Restrict the use of the Profile Setting Page to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.