Sourcecodester · Sourcecodester Employee Management System · CVE-2025-29719
**Name of the Vulnerable Software and Affected Versions**
SourceCodester (rems) Employee Management System version 1.0
**Description**
The issue concerns Cross Site Scripting (XSS) in the add employee.php file, specifically via the `First Name` and `Address` text fields. This allows for potential malicious script injection.
**Recommendations**
For SourceCodester (rems) Employee Management System version 1.0, consider validating and sanitizing user input for the `First Name` and `Address` fields in the add employee.php file to prevent XSS attacks. As a temporary workaround, restrict access to the add employee.php file until a proper fix is implemented.