SourceCodester · Student Grades Management System · CVE-2025-11485
**Name of the Vulnerable Software and Affected Versions**
SourceCodester Student Grades Management System version 1.0
**Description**
A security issue exists in SourceCodester Student Grades Management System. The `add user` function in the `/admin.php` file, part of the Manage Users Page component, is susceptible to cross-site scripting through manipulation of the `first name` and `last name` arguments. The issue can be exploited remotely, and its details have been publicly disclosed.
**Recommendations**
Apply any available updates to address the vulnerability in the `add user` function of the `/admin.php` file.
As a temporary workaround, consider restricting or sanitizing input to the `first name` and `last name` parameters of the `add user` function.
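One way to apply the workaround above, shown as an added example rather than code from the Student Grades Management System: the helper names `validate_name` and `h`, the 64-character limit and the sample values are assumptions. It restricts the two name fields with an allow-list on input and, going one step beyond input restriction, HTML-encodes them where they are rendered.

```php
<?php
declare(strict_types=1);

// Hypothetical helpers; not taken from the application's /admin.php.

// Allow-list validation for a personal name field.
// Returns the trimmed name, or null when the value must be rejected.
function validate_name(string $raw): ?string
{
    $name = trim($raw);
    // 1 to 64 characters: starts with a letter, then letters, combining
    // marks, space, period, apostrophe or hyphen. /u also rejects invalid UTF-8.
    $pattern = '/^\p{L}[\p{L}\p{M} .\'\-]{0,63}\z/u';
    return preg_match($pattern, $name) === 1 ? $name : null;
}

// Encode a value for an HTML text or quoted-attribute context.
function h(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Constructed sample submissions for the `first name` and `last name` fields.
$samples = [
    ['first' => 'Anne-Marie', 'last' => "O'Brien"],
    ['first' => '<b>Ann</b>', 'last' => 'Smith'],
];

foreach ($samples as $row) {
    $first = validate_name($row['first']);
    $last  = validate_name($row['last']);

    if ($first === null || $last === null) {
        // Reject on input; the rejected value is still encoded before display.
        echo 'rejected: ' . h($row['first']) . ' ' . h($row['last']) . PHP_EOL;
        continue;
    }

    // Encode at output even after validation: an allowed name such as
    // O'Brien still contains a character that is special in attributes.
    echo '<td>' . h($first) . '</td><td>' . h($last) . '</td>' . PHP_EOL;
}
```

Validation alone leaves names stored before the fix unchecked, so the encoding step at render time is the part that covers existing records.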