CVE-2023-36940

Name of the Vulnerable Software and Affected Versions PHPGurukul Online Fire Reporting System Using PHP and MySQL version 1.2

Description The issue allows attackers to execute arbitrary code via a crafted payload injected into the search field. This is a Cross Site Scripting (XSS) vulnerability.

Recommendations For version 1.2, consider disabling the search function until a patch is available to prevent exploitation. Restrict access to the search field to minimize the risk of arbitrary code execution. Avoid using the search field with untrusted input until the issue is resolved.