Puneethreddyhc · Event Management System · CVE-2025-56243
**Name of the Vulnerable Software and Affected Versions**
PuneethReddyHC Event Management System version 1.0
**Description**
A Cross-Site Scripting (XSS) issue exists in the register.php page. The `event id` GET parameter is improperly handled, allowing an attacker to inject code into this parameter and execute arbitrary JavaScript in a victim’s browser by crafting a malicious URL.
**Recommendations**
Apply appropriate input validation and output encoding to the `event id` GET parameter in the register.php page.