A vulnerability has been found in SourceCodester Prison Management System 1.0 and classified as problematic. This vulnerability affects unknown code of the file /Employee/changepassword.php. The manipulation of the argument txtold_password/txtnew_password/txtconfirm_password leads to cross site scripting.
This vulnerability was named CVE-2024-4644. The attack can be initiated remotely. Furthermore, there is an exploit available.