CVE-2026-5209

LOW NVD

CVSS Score 2.4

Severity LOW

Published Mar 31, 2026

Vendor unknown

Description

A security vulnerability has been detected in SourceCodester Leave Application System 1.0. Affected by this issue is some unknown functionality of the component User Management Handler. Such manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed publicly and may be used.

References

https://medium.com/@hemantrajbhati5555/stored-cross-site-scripting-xss-in-php-leave-application-system-3260c881a1fa
https://vuldb.com/submit/780417
https://vuldb.com/vuln/354345
https://vuldb.com/vuln/354345/cti
https://www.sourcecodester.com/