PT-2026-43184 · Itsourcecode · Electronic Judging System

I-Ovo-I

·

Published

2026-05-26

·

Updated

2026-05-26

·

CVE-2026-9527

CVSS v2.0

5.0

Medium

VectorAV:N/AC:L/Au:N/C:N/I:P/A:N
Name of the Vulnerable Software and Affected Versions itsourcecode Electronic Judging System version 1.0
Description An issue exists in the processing of the '/admin/judges.php' endpoint. Manipulation of the fname argument allows for cross-site scripting, which can be exploited remotely.
Recommendations Update itsourcecode Electronic Judging System version 1.0 to a newer version that contains a fix. As a temporary workaround, restrict access to the '/admin/judges.php' endpoint or avoid using the fname parameter until the issue is resolved.

Exploit

Fix

XSS

Code Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

CVE-2026-9527

Affected Products

Electronic Judging System