CVE-2023-47446

Name of the Vulnerable Software and Affected Versions Pre-School Enrollment version 1.0

Description The issue concerns a Cross Site Scripting (XSS) vulnerability. It occurs on the profile.php page via the fullname parameter. This allows for potential malicious script injection, affecting the security of the system.

Recommendations For Pre-School Enrollment version 1.0, consider restricting access to the profile.php page or validating and sanitizing the fullname parameter to prevent XSS attacks. As a temporary workaround, avoid using the fullname parameter in the affected page until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.