CVE-2021-28424

A stored cross-site scripting (XSS) vulnerability in Teachers Record Management System 1.0 allows remote authenticated users to inject arbitrary web script or HTML via the 'email' POST parameter in adminprofile.php. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt