Cross Site Scripting Vulnerability in PHPGurukul Online Fire Reporting System
CVE-2023-36940
4.8MEDIUM
What is CVE-2023-36940?
A Cross Site Scripting (XSS) vulnerability exists in the PHPGurukul Online Fire Reporting System, version 1.2. This security flaw allows malicious actors to inject arbitrary code into the application via a maliciously crafted payload entered into the search field. If successfully exploited, this vulnerability could lead to unauthorized actions being executed within the browser context of users, posing significant risks to data integrity and confidentiality. Organizations utilizing this system are urged to implement security measures to mitigate potential exploitation.