CVE-2026-13570

LOW NVD

CVSS Score 3.5

Severity LOW

Published Jun 29, 2026

Vendor unknown

Description

A vulnerability was detected in SourceCodester Inventory Management System 1.0. Impacted is an unknown function of the file /api/users_handler.php of the component User Registration Endpoint. Performing a manipulation of the argument full_name results in cross site scripting. The attack is possible to be carried out remotely. The exploit is now public and may be used.

References

https://vuldb.com/cve/CVE-2026-13570
https://vuldb.com/submit/844353
https://vuldb.com/vuln/374578
https://vuldb.com/vuln/374578/cti
https://www.sourcecodester.com/