CVE-2022-34580

Name of the Vulnerable Software and Affected Versions Advanced School Management System version 1.0

Description The issue is related to a cross-site scripting (XSS) vulnerability. This vulnerability can be exploited via the address parameter at the "ip/school/index.php" endpoint.

Recommendations For Advanced School Management System version 1.0, avoid using the address parameter in the "ip/school/index.php" endpoint until the issue is resolved. As a temporary workaround, consider restricting access to this endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.