# Exploit Title: Multi Branch School Management System 3.5 - "Create Branch" Stored XSS # Exploit Author: Kislay Kumar # Date: 2020-12-21 # Google Dork: N/A # Vendor Homepage: https://www.ramomcoder.com/ # Software Link: https://codecanyon.net/item/ramom-multi-branch-school-management-system/25182324 # Affected Version: 3.5 # Category: Web Application # Tested on: Kali Linux Step 1. Login as Super Admin. Step 2. Select "Branch" from menu and after that click on "Create Branch". Step 3. Insert payload - "> in "Branch Name" , "School Name" , "Mobile No." , "Currency" , "Symbol" , "City" and "State". Step 4. Now Click on "Save" and you will get a list of alert boxes.