PT-2023-27676 · Unknown · Phpgurukul User Registration & Login/User Management System With Admin Panel

Published: 2023-10-16 · Updated: 2023-10-20 · CVE-2023-40851

CVSS v3.1: 5.4 (Medium)

Vector: AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions

Phpgurukul User Registration & Login and User Management System With admin panel version 3.0

Description

The issue allows attackers to run arbitrary code via the fname, lname, email, and contact fields of the user registration page. This is a Cross-Site Scripting (XSS) issue: attackers can inject malicious scripts into the website, potentially leading to unauthorized actions.

Recommendations

For Phpgurukul User Registration & Login and User Management System With admin panel version 3.0, validate and sanitize user input for the fname, lname, email, and contact fields to prevent malicious code injection. As a temporary workaround, restrict access to the user registration page until a patch is available. At the moment, there is no information about a newer version that contains a fix for this issue.
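
One way to apply the recommendation to the four named fields, shown as an added example that is not code from the application or its vendor. The function names, length limits and accepted formats are assumptions; only the field names come from the advisory.

```php
<?php
declare(strict_types=1);

// Added example: hypothetical helpers, not the application's own code.

/** Validate the four registration fields; returns [clean values, errors]. */
function validate_registration(array $in): array
{
    $clean = [];
    $errors = [];
    foreach (['fname', 'lname'] as $f) {
        $v = trim((string)($in[$f] ?? ''));
        // Assumed policy: letters, marks, space, apostrophe, hyphen; 1-50 chars.
        if (preg_match('/^[\p{L}\p{M}\' -]{1,50}$/u', $v) === 1) {
            $clean[$f] = $v;
        } else {
            $errors[$f] = 'invalid name';
        }
    }
    $email = trim((string)($in['email'] ?? ''));
    if (strlen($email) <= 254 && filter_var($email, FILTER_VALIDATE_EMAIL) !== false) {
        $clean['email'] = $email;
    } else {
        $errors['email'] = 'invalid email';
    }
    $contact = trim((string)($in['contact'] ?? ''));
    // Assumed policy: optional leading +, then 7-15 digits.
    if (preg_match('/^\+?[0-9]{7,15}$/', $contact) === 1) {
        $clean['contact'] = $contact;
    } else {
        $errors['contact'] = 'invalid contact number';
    }
    return [$clean, $errors];
}

/**
 * Encode a stored value for HTML text or a quoted attribute. Validation alone
 * does not make a value HTML-safe (an apostrophe is valid in a name), so every
 * page that displays these fields encodes them at output time.
 */
function e(string $v): string
{
    return htmlspecialchars($v, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Constructed sample input: markup in fname is rejected, the rest is accepted.
[$clean, $errors] = validate_registration([
    'fname' => '<b>test</b>', 'lname' => "O'Neil",
    'email' => 'user@example.com', 'contact' => '+15550100123',
]);
echo 'rejected: ' . implode(', ', array_keys($errors)) . "\n";
echo '<td>' . e($clean['lname']) . "</td>\n";
```

Records stored before validation was introduced are covered only by the output encoding, so `e()` belongs on every page that renders these fields, including the admin panel.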

Exploit

Fix

XSS

Weakness Enumeration

Related Identifiers: CVE-2023-40851

Affected Products: Phpgurukul User Registration & Login/User Management System With Admin Panel