A vulnerability marked as problematic has been reported in SourceCodester Class and Exam Timetabling System 1.0. The affected element is an unknown function of the file /forsubject.php. This manipulation of the argument subject causes cross site scripting.
The identification of this vulnerability is CVE-2026-15595. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.