d34dun1c02n / CVE-2023-31705

Reflected XSS

CVE-2023-31705

[Description] A reflected cross-site scripting (XSS) vulnerability in Sourcecodester Task Reminder System 1.0 allows an authenticated user to inject malicious JavaScript through the page parameter.


[Vulnerability Type] Cross Site Scripting (XSS)


[Vendor of Product] Sourcecodester


[Affected Product Code Base] Task Reminder System - 1.0


[Affected Component] http://localhost/php-trs/admin/ [page parameter]


[Attack Type] Remote


[Attack Vectors] To exploit this, an attacker must first authenticate to the application. The following URL can then be entered into the browser as a proof of concept: http://localhost/php-trs/admin/?page=reminders%2Fmanage_reminder28988'%3Balert(1)%2F%2F689&id=10


[Reference] https://www.sourcecodester.com/download-code?nid=16451&title=Task+Reminder+System+in+PHP+and+MySQL+Source+Code+Free+Download


[Discoverer] William David Mathisen (d34dun1c02n)
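
[Mitigation example] The vulnerable pattern beside a hardened form, as an added example that is not code from the Task Reminder System or from the advisory's author. It assumes the page value is reflected into a single-quoted JavaScript string, which the `';alert(1)//` shape of the proof of concept suggests; the allowlisted page names and all function names are hypothetical.

```php
<?php
// Added example: hypothetical handling of the "page" parameter.
// This is not the Task Reminder System's actual source code.

// Assumed allowlist of routable pages (names are illustrative).
const ALLOWED_PAGES = ['home', 'reminders/index', 'reminders/manage_reminder'];

/** Return the requested page only if it is on the allowlist, otherwise 'home'. */
function resolve_page(?string $requested): string
{
    // Strict comparison: null, arrays cast to strings, and near-matches all fail.
    return in_array($requested, ALLOWED_PAGES, true) ? $requested : 'home';
}

/** Vulnerable pattern (assumed): raw value concatenated into a quoted JS string. */
function render_script_vulnerable(string $page): string
{
    // A single quote in $page ends the string literal early, so the rest of
    // the value is parsed by the browser as script.
    return "<script>var page = '" . $page . "';</script>";
}

/** Hardened: allowlisted value, emitted as a JSON literal safe for inline script. */
function render_script_hardened(?string $page): string
{
    // The JSON_HEX_* flags escape <, >, &, ' and " as \uXXXX sequences, so the
    // value cannot close the string literal or the surrounding <script> element.
    $flags = JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_HEX_AMP
           | JSON_THROW_ON_ERROR;
    return '<script>var page = ' . json_encode(resolve_page($page), $flags) . ';</script>';
}

// URL-decoded value of the page parameter from the proof-of-concept URL above.
$poc = "reminders/manage_reminder28988';alert(1)//689";

// Vulnerable rendering: the quote in the value terminates the string literal.
echo render_script_vulnerable($poc), PHP_EOL;

// Hardened rendering: the value is not on the allowlist, so 'home' is emitted.
echo render_script_hardened($poc), PHP_EOL;

// A legitimate page name passes the allowlist and is encoded as a JSON string.
echo render_script_hardened('reminders/manage_reminder'), PHP_EOL;
```

The allowlist alone already rejects the proof-of-concept value; the JSON encoding covers any other request data written into the same script block.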
