CVE-2026-4356

CVSS v2.0

3.3

Vector

AV:N/AC:L/Au:M/C:N/I:P/A:N

A flaw has been found in itsourcecode University Management System 1.0. Affected is an unknown function of the file /add result.php. Executing a manipulation of the argument vr can lead to cross site scripting. The attack may be launched remotely. The exploit has been published and may be used.

Exploit

Fix

Code Injection

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-94CWE-79

Related Identifiers

CVE-2026-4356

Affected Products

University Event Management System

CVE-2026-4356

Weakness Enumeration

Related Identifiers

Affected Products

References · 6