CVE-2020-28129

Stored Cross-site scripting (XSS) vulnerability in SourceCodester Gym Management System 1.0 allows users to inject and store arbitrary JavaScript code in index.php?page=packages via vulnerable fields 'Package Name' and 'Description'. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt