Cross Site Scripting Vulnerability in SourceCodester Doctor Appointment System
CVE-2026-36324

Currently unrated

Key Information:

Vendor: SourceCodester
Status: Doctor Appointment System
Vendor: CVE Published:; 29 May 2026

🔔 Create SourceCodester Vulnerability Alert

What is CVE-2026-36324?

The SourceCodester Doctor Appointment System version 1.0 contains a vulnerability that allows an attacker to exploit Cross Site Scripting (XSS) through improper handling of user inputs during the registration process. Specifically, in the register.php file, user-supplied data is not adequately sanitized, enabling potential attackers to inject malicious scripts. This vulnerability compromises user data and could lead to unauthorized actions on behalf of legitimate users. It is critical for users of this system to implement necessary security measures to protect against such vulnerabilities.

References

https://www.sourcecodester.com/php/18453/doctor-appointme...

https://github.com/adhiyaksactf/MyCVE-Disclosures/blob/ma...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 29, 2026
Vulnerability Reserved
Apr 6, 2026

CVE-2026-36324 Data

JSON