Cross Site Scripting Vulnerability in Akpali9 Attendance-Management-System
CVE-2026-15493
5.1MEDIUM
What is CVE-2026-15493?
A cross site scripting vulnerability exists in the Akpali9 Attendance-Management-System, specifically related to the processing of the absent.php file. An attacker can exploit this flaw by manipulating the export_date argument, potentially executing arbitrary scripts in the context of the user's browser. This vulnerability allows for remote attacks, putting user data and session integrity at risk. As this product utilizes a rolling release model, specific version information is not made available, creating challenges for timely updates and mitigation strategies. Despite early notification, the vendor has not responded to address the security concern.
Affected Version(s)
Attendance-Management-System 70b91fe38f4195b701a45f0edcd4f42d5f64aeee
