H1Mm

**Name of the Vulnerable Software and Affected Versions** code-projects Chamber of Commerce Membership Management System version 1.0 **Description** A flaw exists in the Your Info Handler component of the software, specifically within the `/membership profile.php` file. Manipulation of the `Full Name`, `Address`, `City`, or `State` arguments can lead to cross site scripting. This issue is remotely exploitable, and details about the exploit are publicly available. **Recommendations** Apply a fix for version 1.0 to address the cross site scripting issue. As a temporary workaround, consider sanitizing the `Full Name`, `Address`, `City`, and `State` input parameters to prevent malicious script injection.