PT-2023-25457 · Unknown · Sourcecodester Toll Tax Management System

Aftab Shaikh · Published 2023-08-03 · Updated 2025-02-24 · CVE-2023-36158

CVSS v3.1: 6.1 (Medium)

Vector: AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions

sourcecodester Toll Tax Management System version 1.0

Description

The issue allows remote attackers to run arbitrary code via the First Name and Last Name fields on the "My Account" page. This is a Cross Site Scripting (XSS) issue, which means an attacker can inject malicious scripts into the website, potentially leading to unauthorized actions.

Recommendations

For sourcecodester Toll Tax Management System version 1.0, consider validating and sanitizing user input for the First Name and Last Name fields to prevent malicious code injection. As a temporary workaround, restrict access to the "My Account" page until a proper fix is implemented.

Exploit

Fix

XSS


Weakness Enumeration

Related identifiers

CVE-2023-36158

Affected products

Sourcecodester Toll Tax Management System