CVE Catalog

CVE-2026-11520

LowCVSS 3.5
Published: Updated: Translated: NVD NIST

Summary

A weakness has been identified in SourceCodester Inventory System 1.0. The issue affects some unknown functionality of the file header.php, leading to cross-site scripting (XSS) attacks.

Risk Assessment

An attacker can remotely exploit this vulnerability to carry out XSS attacks, potentially leading to user data theft or session hijacking.

Recommendation

It is recommended to update the system to the latest version and implement input data filtering to minimize the risk of XSS attacks.

Original NVD description (English source)

A weakness has been identified in SourceCodester Inventory System 1.0. Affected by this issue is some unknown functionality of the file header.php. This manipulation causes cross site scripting. It is possible to initiate the attack remotely. The exploit has been made available to the public and could be used for attacks. Multiple parameters might be affected.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS