CVE-2024-44635

Name of the Vulnerable Software and Affected Versions PHPGurukul Student Record System version 3.20

Description The PHPGurukul Student Record System is affected by a Cross-Site Scripting (XSS) issue. The issue is located in the '/admin-profile.php' file and involves the adminname and aemailid parameters. Successful exploitation could allow an attacker to inject malicious scripts into the web page viewed by other users.

Recommendations Update to a newer version that contains a fix for this vulnerability. As a temporary workaround, sanitize the adminname and aemailid parameters in the '/admin-profile.php' file to prevent the injection of malicious scripts.