A vulnerability was found in CodeAstro Human Resource Management System 1.0 . It has been declared as problematic . This affects an unknown part of the file /Projects/Add_Projects of the component Projects Management Page . The manipulation of the argument protitle results in cross site scripting. This vulnerability is cataloged as CVE-2026-12130 . The attack may be launched remotely. Furthermore, there is an exploit available.