Vulnerability Summary CVE ID: CVE-2024-46336 Product: School Management System project in PHP Vendor: kashipara Affected Version: V1.0 Vulnerability Type: Cross Site Scripting (XSS) --- Description kashipara School Management System 1.0 is vulnerable to Cross Site Scripting (XSS) via . --- Proof of Concept (PoC) URL parameter ( ) in . To exploit the vulnerability, the attacker can inject JS code through vulnerable parameters. --- References https://www.kashipara.com/project/php/73/school-management-system-download-project-source-code-in-php