PT-2026-43184 · Itsourcecode · Electronic Judging System
I-Ovo-I
·
Published
2026-05-26
·
Updated
2026-05-26
·
CVE-2026-9527
CVSS v2.0
5.0
Medium
| Vector | AV:N/AC:L/Au:N/C:N/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
itsourcecode Electronic Judging System version 1.0
Description
An issue exists in the processing of the '/admin/judges.php' endpoint. Manipulation of the
fname argument allows for cross-site scripting, which can be exploited remotely.Recommendations
Update itsourcecode Electronic Judging System version 1.0 to a newer version that contains a fix. As a temporary workaround, restrict access to the '/admin/judges.php' endpoint or avoid using the
fname parameter until the issue is resolved.Exploit
Fix
XSS
Code Injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Electronic Judging System