Stored XSS Vulnerability in PHPGurukul Daily Expense Tracker System
CVE-2021-26304
5.4MEDIUM
What is CVE-2021-26304?
The Daily Expense Tracker System 1.0 from PHPGurukul is susceptible to a stored cross-site scripting (XSS) vulnerability through the Item parameter in add-expense.php. This flaw allows attackers to inject malicious scripts, potentially compromising user sessions and data integrity.