CVE-2026-13556
⚪ Do wiadomości
Wstrzyknięcie skryptów w itsourcecode Online Hotel Management System umożliwia atak XSS.
CVSS
4.3
EPSS
0.0%
Exploit
none
Vendor
Opis źródłowy (NVD)
A vulnerability was determined in itsourcecode Online Hotel Management System 1.0. This affects an unknown part of the file /admin/mod_users/controller.php?action=edit of the component POST Request Handler. This manipulation of the argument Name causes cross site scripting. The attack may be initiated remotely. The exploit has been publicly disclosed and may be utilized.
xss
Brak patcha
Źródła i daty
| Źródło | Wartość |
|---|---|
| NVD – CVSS | 4.3 |
| CISA KEV (aktywnie wykorzystywane) | Nie |
| FIRST EPSS (prawdopodobieństwo exploita) | 0.0% |
| Opublikowano (NVD) | 2026-06-29 10:16:29 UTC |
| Ostatnia modyfikacja (NVD) | 2026-06-29 18:41:05 UTC |
Referencje
- https://github.com/Hh-176/CVE/issues/7 (cna@vuldb.com)
- https://itsourcecode.com/ (cna@vuldb.com)
- https://vuldb.com/cve/CVE-2026-13556 (cna@vuldb.com)
- https://vuldb.com/submit/843586 (cna@vuldb.com)
- https://vuldb.com/vuln/374564 (cna@vuldb.com)
- https://vuldb.com/vuln/374564/cti (cna@vuldb.com)