Campcodes Online Traffic Offense Management System is a web-based traffic offense management system. A cross-site scripting vulnerability exists in Campcodes Online Traffic Offense Management System v1.0. The vulnerability stems from the lack of effective filtering and escaping of user-supplied data in the parameter id of the file /classes/Users.php, which could be exploited by an attacker to inject a carefully crafted payload to to execute arbitrary Web script or HTML.