CVE-2025-50695

Name of the Vulnerable Software and Affected Versions: PHPGurukul Online DJ Booking Management System version 2.0

Description: The issue concerns Cross Site Scripting (XSS) in specific API endpoints, namely "/admin/view-booking-detail.php" and "/admin/invoice-generating.php".

Recommendations: For PHPGurukul Online DJ Booking Management System version 2.0, consider disabling access to the "/admin/view-booking-detail.php" and "/admin/invoice-generating.php" endpoints until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.