Cross Site Scripting (XSS) in Insurance Management System v1.0, allows remote attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Category Name parameter at /core/new_category2.
[
{
"cpes": [
"cpe:2.3:a:insurance_management_system_project:insurance_management_system:1.0:*:*:*:*:*:*:*"
],
"vendor": "insurance_management_system_project",
"product": "insurance_management_system",
"versions": [
{
"status": "affected",
"version": "1.0"
}
],
"defaultStatus": "unknown"
}
]