CVE-2026-30527

Published: Mar 27, 2026 Last Modified: Mar 27, 2026

ExploitDB:

Other exploit source:

Google Dorks:

Description

AI Translation Available

A Stored Cross-Site Scripting (XSS) vulnerability exists in SourceCodester Online Food Ordering System v1.0 in the Category management module within the admin panel. The application fails to properly sanitize user input supplied to the 'Category Name' field when creating or updating a category. When an administrator or user visits the Category list page (or any page where this category is rendered), the injected JavaScript executes immediately in their browser.

EPSS (Exploit Prediction Scoring System)

Trend Analysis

EPSS (Exploit Prediction Scoring System)

Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.

EPSS Score

0,0002

Percentile

0,0th

Updated

EPSS Score Trend (Last 2 Days)

https://github.com/meifukun/Web-Security-PoCs/blob/main/Onl…

https://github.com/meifukun/Web-Security-PoCs/blob/main/Online-Food-Ordering-Sy…

CVE-2026-30527

Description

EPSS (Exploit Prediction Scoring System)

EPSS (Exploit Prediction Scoring System)

EPSS Score Trend (Last 2 Days)

Iscriviti alla newsletter