Unknown · Complete Online Job Search System · CVE-2022-35163
**Name of the Vulnerable Software and Affected Versions**
Complete Online Job Search System version 1.0
**Description**
A cross-site scripting (XSS) issue was found in the Complete Online Job Search System. The vulnerability can be exploited via the `U NAME` parameter at the "/category/controller.php?action=edit" API endpoint.
**Recommendations**
For Complete Online Job Search System version 1.0, consider restricting access to the `U NAME` parameter in the affected API endpoint until a patch is available. As a temporary workaround, avoid using the `U NAME` parameter in the "/category/controller.php?action=edit" endpoint to minimize the risk of exploitation.