diff --git a/vulnerabilities/other/royalevent-management-xss.yaml b/vulnerabilities/other/royalevent-management-xss.yaml
new file mode 100644
index 0000000000..5648791a1b
--- /dev/null
+++ b/vulnerabilities/other/royalevent-management-xss.yaml
@@ -0,0 +1,63 @@
+id: royalevent-management-xss
+
+info:
+ name: Royal Event - Cross-Site Scripting(XSS)
+ author: ritikchaddha
+ severity: medium
+ description: |
+ Detects an XSS vulnerability in Royal Event System
+ reference:
+ - https://www.sourcecodester.com/sites/default/files/download/oretnom23/Royal%20Event.zip
+ tags: xss,authenticated,cms,royalevent
+
+requests:
+ - raw:
+ - |
+ POST /royal_event/ HTTP/1.1
+ Host: {{Hostname}}
+ Content-Length: 353
+ Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryCSxQll1eihcqgIgD
+
+ ------WebKitFormBoundaryCSxQll1eihcqgIgD
+ Content-Disposition: form-data; name="username"
+
+ {{username}}
+ ------WebKitFormBoundaryCSxQll1eihcqgIgD
+ Content-Disposition: form-data; name="password"
+
+ {{password}}
+ ------WebKitFormBoundaryCSxQll1eihcqgIgD
+ Content-Disposition: form-data; name="login"
+
+
+ ------WebKitFormBoundaryCSxQll1eihcqgIgD--
+
+ - |
+ POST /royal_event/btndates_report.php HTTP/1.1
+ Host: {{Hostname}}
+ Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryFboH5ITu7DsGIGrD
+
+ ------WebKitFormBoundaryFboH5ITu7DsGIGrD
+ Content-Disposition: form-data; name="todate"
+
+ 2022-12-22
+ ------WebKitFormBoundaryFboH5ITu7DsGIGrD
+ Content-Disposition: form-data; name="search"
+
+ 3
+ ------WebKitFormBoundaryFboH5ITu7DsGIGrD
+ Content-Disposition: form-data; name="fromdate"
+
+ 2022-06-22
+ ------WebKitFormBoundaryFboH5ITu7DsGIGrD--
+
+ cookie-reuse: true
+ matchers-condition: and
+ matchers:
+ - type: word
+ words:
+ - ""
+
+ - type: status
+ status:
+ - 200