Kever12138

**Name of the Vulnerable Software and Affected Versions** romadebrian WEB-Sekolah version 1.0 **Description** A vulnerability has been found in the file /Admin/Proses Edit Akun.php of the component Backend. The manipulation of the argument `Username Baru`/`Password` leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. **Recommendations** For romadebrian WEB-Sekolah version 1.0, update to the latest version immediately to mitigate risks. As a temporary workaround, consider restricting access to the `/Admin/Proses Edit Akun.php` file until a patch is available. Avoid using the `Username Baru` and `Password` arguments in the affected API endpoint until the issue is resolved.