Cross Site Scripting Vulnerability in phpgurukul Teacher Subject Allocation Management System
CVE-2023-46026
4.8MEDIUM
Key Information:
- Vendor
PHPgurukul
- Vendor
- CVE Published:
- 14 November 2023
What is CVE-2023-46026?
The phpgurukul Teacher Subject Allocation Management System version 1.0 is susceptible to a Cross Site Scripting vulnerability due to improper validation of user input in profile.php. Attackers can exploit this flaw by injecting malicious scripts through the 'adminname' and 'email' parameters. This could lead to unauthorized access or manipulation of sensitive data, highlighting the critical need for users to apply security patches and validate input effectively.