Ujjwal Saran

**Name of the Vulnerable Software and Affected Versions** sourcecodester Student Study Center Desk Management System version 1.0 **Description** The issue allows attackers to run arbitrary code via a crafted GET request to the web application URL. This is a Cross Site Scripting (XSS) vulnerability, which means an attacker can inject malicious scripts into a website, potentially allowing them to steal user data or take control of the user's session. **Recommendations** For sourcecodester Student Study Center Desk Management System version 1.0, consider implementing input validation and sanitization for all GET requests to prevent malicious code injection. As a temporary workaround, restrict access to sensitive areas of the web application until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.