CVE-2026-16202
LOW
3.5
CVSS 3.1
Description
A vulnerability was determined in SourceCodester Class and Exam Timetabling System 1.0. Affected by this vulnerability is an unknown functionality of the file /CYS.php. This manipulation of the argument course causes cross site scripting. The attack is possible to be carried out remotely. The exploit has been publicly disclosed and may be utilized.
Metadata
Severity & Metrics
3.5
LOW CVSS 3.1
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R
Affected products (1)
| Vendor | Product | Platform | Versions |
|---|---|---|---|
| SourceCodester | Class and Exam Timetabling System | — | 1.0 |
CVSS scores (4)
| Score | Severity | Version | Source | Vector |
|---|---|---|---|---|
| 5.1 | MEDIUM | 4.0 | cna | CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P |
| 4.0 | N/D | 2.0 | cna | AV:N/AC:L/Au:S/C:N/I:P/A:N/E:POC/RL:ND/RC:UR |
| 3.5 | LOW | 3.1 | cna | CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R |
| 3.5 | LOW | 3.0 | cna | CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R |
References (6)
- VDB-380018 | SourceCodester Class and Exam Timetabling System CYS.php cross site scripting https://vuldb.com/vuln/380018
- VDB-380018 | CTI Indicators (IOB, IOC, TTP, IOA) https://vuldb.com/vuln/380018/cti
- CVE-2026-16202 | CVE Analysis and Report https://vuldb.com/cve/CVE-2026-16202
- Submit #857765 | sourcecodester Class and Exam Timetabling System V1.0 cross site scripting https://vuldb.com/submit/857765
- https://github.com/AlbaDove/cve/issues/9
- https://www.sourcecodester.com/