Tittuvarghese · College Management System · CVE-2026-11337
**Name of the Vulnerable Software and Affected Versions**
tittuvarghese CollegeManagementSystem (affected versions not specified)
**Description**
Cross site scripting is possible via the manipulation of the `department name` argument in the '/dashboard page/forms/fetch.php' endpoint. This allows a remote attacker to execute malicious scripts in the victim's browser.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.