CVE-2022-1076

Name of the Vulnerable Software and Affected Versions Automatic Question Paper Generator System version 1.0

Description A problematic issue has been found, affecting the My Account Page component, specifically the file /aqpg/users/login.php. The manipulation of the First Name, Middle Name, and Last Name arguments leads to cross-site scripting. This issue can be exploited remotely.

Recommendations For Automatic Question Paper Generator System version 1.0, as a temporary workaround, consider restricting user input for the First Name, Middle Name, and Last Name arguments in the login.php file to minimize the risk of cross-site scripting exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.