CVE-2026-30570

UNKNOWN NVD

CVSS Score 0

Severity UNKNOWN

Published Mar 27, 2026

Vendor unknown

Description

A Reflected Cross-Site Scripting (XSS) vulnerability exists in SourceCodester Inventory System 1.0 in the view_sales.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HTML via a crafted URL.

References

https://github.com/meifukun/Web-Security-PoCs/blob/main/Inventory-System/XSS-ViewSales-limit.md