PHPGurukul Human Metapneumovirus Testing Management System Cross-Site Scripting Vulnerability

A cross-site scripting (XSS) vulnerability has been identified in PHPGurukul Human Metapneumovirus Testing Management System version 1.0. The issue arises in an unknown function of the file '/search-report.php' within the Search Report Page component. This vulnerability allows for remote exploitation, requiring user interaction from the victim.

Impact

Exploitation of this vulnerability allows for cross-site scripting, where an attacker can inject malicious scripts that are executed in the context of the user's browser.

Reproduction

To reproduce this vulnerability, navigate to the 'search-report.php' page in the application. The vulnerability can be exploited by injecting a script into a user input field that is not properly sanitized before being displayed. This can be done by, for example, using a Google search query that targets the 'search-report.php' file.