PT-2026-29534 · Sourcecodester · Zoo Management System
Published
2026-04-01
·
Updated
2026-04-01
·
CVE-2026-30526
CVSS v3.1
6.1
Medium
| Vector | AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
SourceCodester Zoo Management System version 1.0
Description
A Reflected Cross-Site Scripting (XSS) vulnerability exists in the login page of the application. The vulnerability is located within the
msg parameter. The application reflects the content of the msg parameter back to the user without proper HTML encoding or sanitization, allowing for the injection of arbitrary web scripts or HTML via a crafted URL.Recommendations
Update to a newer version that contains a fix for this vulnerability.
Exploit
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Zoo Management System