CVE-2024-55056

Name of the Vulnerable Software and Affected Versions Phpgurukul Online Birth Certificate System version 1.0

Description A stored cross-site scripting (XSS) issue was identified in the /user/certificate-form.php endpoint via the full name field. This allows for malicious scripts to be stored and executed, potentially affecting users of the system.

Recommendations For Phpgurukul Online Birth Certificate System version 1.0, consider disabling the /user/certificate-form.php endpoint or restricting access to it until a patch is available. Additionally, avoid using the full name field in this endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this issue.