Student Attendance Management System is a student attendance management system. The vulnerability is caused by the lack of effective filtering and escaping of user-supplied data in the className parameter of the createClass.php file, which can be exploited to cause cross-site scripting attacks.