CVE-2026-13570 | SourceCodester Inventory Management System 1.0 User Registration Endpoint /api/users_handler.php full_name cross site scripting

Inserito da Angelo Barbosa | Giu 28, 2026 | CVE

A vulnerability was found in SourceCodester Inventory Management System 1.0. It has been rated as problematic. Impacted is an unknown function of the file /api/users_handler.php of the component User Registration Endpoint. Performing a manipulation of the argument full_name results in cross site scripting.

This vulnerability is reported as CVE-2026-13570. The attack is possible to be carried out remotely. Moreover, an exploit is present.

CVE-2026-13570 | SourceCodester Inventory Management System 1.0 User Registration Endpoint /api/users_handler.php full_name cross site scripting

Post correlati

CVE-2025-47786 | Emlog 2.5.13 /admin/comment.php perpage_num cross site scripting (GHSA-82qc-9vg7-2c6c)

CVE-2024-1965 | Haivision Aviwest Manager/Aviwest Streamhub Network Configuration server-side request forgery

CVE-2023-53399 | Linux Kernel up to 5.15.110/6.1.27/6.2.14/6.3.1 ksmbd smb2_get_info_filesystem null pointer dereference

CVE-2024-26484 | Kirby CMS 4.1.0 Edit Content Layout Module Link cross site scripting