CVE-2026-30561 in SourceCodester Sales and Inventory SystemИнформация

Сводка (Английский)

A Reflected Cross-Site Scripting (XSS) vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the add_purchase.php file via the "msg" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HTML via a crafted URL.

Ответственный

MITRE

Резервировать

04.03.2026

Раскрытие

30.03.2026

Записи

ИДУязвимостьCWEБазаТемп0dayСегодняЭксKEVEPSSCTIКонCVE
354210SourceCodester Sales and Inventory System Parameter add_purchase.php межсайтовый скриптинг794.34.2$0-$5k$0-$5kНе определено 0.000001.43+Не определеноCVE-2026-30561

показать больше

ПредыдущийОбзорДалее

Want to know what is going to be exploited?

We predict KEV entries!