Reflected Cross-Site Scripting Vulnerability in Phpgurukul Tourism Management System
CVE-2024-41333
6.1MEDIUM
What is CVE-2024-41333?
A reflected cross-site scripting (XSS) vulnerability has been identified in the Phpgurukul Tourism Management System v2.0. This vulnerability permits attackers to inject malicious payloads through the 'uname' parameter, enabling them to execute arbitrary code within the context of a victim's browser. Exploiting this flaw could allow unauthorized access to sensitive user information and facilitate further attacks. Implementing input validation and output encoding measures could mitigate this risk and protect user data.