Cross Site Scripting Vulnerability in SourceCodester Student Grades Management System
CVE-2026-9485

5.1 MEDIUM

Key Information:

Vendor
CVE Published: 25 May 2026

Badges

👾 Exploit Exists

What is CVE-2026-9485?

A vulnerability exists in SourceCodester Student Grades Management System 1.0, in the students.php file. The application handles user input improperly, so an attacker can manipulate the Remarks parameter. Doing so leads to cross-site scripting: a remote attacker can execute arbitrary scripts in the context of the affected user's browser. The vulnerability poses a significant risk because publicly available exploits could be used to compromise the system.

Affected Version(s)

Student Grades Management System 1.0

CVSS V4

Score: 5.1
Severity: MEDIUM
Confidentiality: None
Integrity: Low
Availability: None
Attack Vector: Network
Attack Complexity: Low
Attack Required: None
Privileges Required: Undefined
User Interaction: Unknown

Timeline

  • 🟡 Public PoC available

  • 👾 Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

Credit

GeekerA (VulDB User)