CVE-2026-3982

Name of the Vulnerable Software and Affected Versions itsourcecode University Management System version 1.0

Description A flaw exists in itsourcecode University Management System that allows for cross site scripting. This issue is related to an unknown functionality within the /view result.php file. Manipulating the vr argument can trigger the flaw, allowing for remote execution of attacks. The exploit for this issue has been publicly disclosed.

Recommendations Versions prior to 1.0 should be updated. As a temporary workaround, consider restricting access to the /view result.php file to minimize the risk of exploitation. Avoid manipulating the vr argument in the affected API endpoint until the issue is resolved.