CloudSchool v3.0.1 is vulnerable to Cross Site Scripting (XSS). A normal user can steal session cookies of the admin users through notification received by the admin user.
CWE-79
CVE-2022-4609
Cross-site Scripting (XSS) – Stored in GitHub repository usememos/memos prior to 0.9.0.
CVE-2022-46095
Sourcecodester Covid-19 Directory on Vaccination System 1.0 was discovered to contain a Cross-Site Scripting (XSS) vulnerability via verification.php because the program does not verify the txtvaccinationID parameter.
CVE-2022-46096
A Cross site scripting (XSS) vulnerability in Sourcecodester Online Covid-19 Directory on Vaccination System v1.0 allows attackers to execute arbitrary code via the txtfullname parameter or txtphone parameter to register.php without logging in.
CVE-2022-46128
phpgurukul Doctor Appointment Management System V 1.0.0 is vulnerable to Cross Site Scripting (XSS) via searchdata=.
CVE-2022-4614
Cross-site Scripting (XSS) – Stored in GitHub repository alagrede/znote-app prior to 1.7.11.