PT-2021-11743 · Unknown · Employee Performance Evaluation System

Published: 2021-01-20 · Updated: 2021-01-27 · CVE-2020-35271

CVSS v3.1: 4.8 (Medium)

Vector: AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions: Employee Performance Evaluation System in PHP/MySQLi with Source Code version 1.0
Description: The issue is cross-site scripting (XSS) in the Employees, First Name, and Last Name fields. An attacker could inject malicious scripts into these fields; the application then renders them, and they execute in the browser of a user who views the affected page, leading to unauthorized actions or data exposure.
Recommendations: For Employee Performance Evaluation System in PHP/MySQLi with Source Code version 1.0, consider validating and sanitizing user input in the Employees, First Name, and Last Name fields to prevent XSS attacks. As a temporary workaround, restrict access to these fields until a proper fix is implemented.

Related Identifiers: CVE-2020-35271

Affected Products: Employee Performance Evaluation System