Suggested description Sourcecodester Best courier management system v1.0 is vulnerable to Cross Site Scripting (XSS) in the change username field.
Additional Information Here I update the video POC on the you tube : https://youtu.be/f8B3_m5YfqI
Affected Product Code Base Open Source
Affected Component change username field
Attack Type Remote
Attack Vectors upload the XSS payload in username field
Reference https://youtu.be/f8B3_m5YfqI
Discoverer sajal jat