Springbot

**Name of the Vulnerable Software and Affected Versions** Cyber-III Student-Management-System up to 1a938fa61e9f735078e9b291d2e6215b4942af3f **Description** A cross-site scripting issue exists in the Admin Add Endpoint component, specifically within the file `/admin/Add%20notice/notice.php`. Manipulation of the `$ SERVER['PHP SELF']` argument can lead to the execution of malicious scripts. The attack can be launched remotely. The exploit is publicly available. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.