CVE-2026-16155
LOW
NVD
CVSS Score
3.5
Severity
LOW
Published
Jul 18, 2026
Vendor
unknown
Description
A vulnerability was identified in SourceCodester Class and Exam Timetabling System 1.0. Affected by this issue is some unknown functionality of the file /schoolyr.php. The manipulation of the argument sy leads to cross site scripting. It is possible to initiate the attack remotely. The exploit is publicly available and might be used.