CVE-2026-12176
MEDIUM
4.3
CVSS 3.1
Description
A vulnerability has been found in SourceCodester CET Automated Grading System with AI Predictive Analytics 1.0. The impacted element is an unknown function of the file /index.php. The manipulation of the argument action leads to cross site scripting. The attack is possible to be carried out remotely. The exploit has been disclosed to the public and may be used.
Metadata
Severity & Metrics
4.3
MEDIUM CVSS 3.1
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R
Affected products (1)
| Vendor | Product | Platform | Versions |
|---|---|---|---|
| SourceCodester | CET Automated Grading System with AI Predictive Analytics | — | 1.0 |
CVSS scores (4)
| Score | Severity | Version | Source | Vector |
|---|---|---|---|---|
| 5.3 | MEDIUM | 4.0 | cna | CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P |
| 5.0 | N/D | 2.0 | cna | AV:N/AC:L/Au:N/C:N/I:P/A:N/E:POC/RL:ND/RC:UR |
| 4.3 | MEDIUM | 3.1 | cna | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R |
| 4.3 | MEDIUM | 3.0 | cna | CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R |
References (5)
- VDB-370818 | SourceCodester CET Automated Grading System with AI Predictive Analytics index.php cross site scripting https://vuldb.com/vuln/370818
- VDB-370818 | CTI Indicators (IOB, IOC, TTP, IOA) https://vuldb.com/vuln/370818/cti
- CVE-2026-12176 | CVE Analysis and Report https://vuldb.com/cve/CVE-2026-12176
- Submit #837732 | https://www.sourcecodester.com/ CET Automated Grading System with AI Predictive Analytics in PHP and MySQL Version: 1.0 Cross Site Scripting - Reflected XSS https://vuldb.com/submit/837732
- https://www.sourcecodester.com/