Tzssz

**Name of the Vulnerable Software and Affected Versions** IT Sourcecode Content Management System Project In PHP and MySQL With Source Code version 1.0.0 **Description** The issue concerns a Cross Site Scripting (XSS) vulnerability. This vulnerability can be exploited via the "/ecodesource/search list.php" API endpoint. Cross Site Scripting (XSS) is a type of security vulnerability that occurs when an attacker is able to inject malicious scripts into a website, which are then executed by the user's browser. This can allow the attacker to steal user data, take control of the user's session, or perform other malicious actions. **Recommendations** For IT Sourcecode Content Management System Project In PHP and MySQL With Source Code version 1.0.0, as a temporary workaround, consider restricting access to the "/ecodesource/search list.php" endpoint until a patch is available. Avoid using this endpoint in a way that could allow an attacker to inject malicious scripts. At the moment, there is no information about a newer version that contains a fix for this vulnerability.