CVE-2021-28424

Name of the Vulnerable Software and Affected Versions: Teachers Record Management System version 1.0

Description: A stored cross-site scripting (XSS) issue allows remote authenticated users to inject arbitrary web script or HTML via the email parameter in the "adminprofile.php" endpoint. This could potentially lead to malicious actions being executed on the system.

Recommendations: For Teachers Record Management System version 1.0, consider restricting access to the adminprofile.php endpoint until a fix is available, and avoid using the email parameter in this endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.