Suggested description Sourcecodester Best courier management system v1.0 is vulnerable to Cross Site Scripting (XSS) in the change username field.

Additional Information Here I update the video POC on the you tube : https://youtu.be/f8B3_m5YfqI

Affected Product Code Base Open Source

Affected Component change username field

Attack Type Remote

Attack Vectors upload the XSS payload in username field

Reference https://youtu.be/f8B3_m5YfqI

Discoverer sajal jat