CVE-2026-30560

Published: Mar 30, 2026 Last Modified: Mar 30, 2026

ExploitDB:

Other exploit source:

Google Dorks:

Description

AI Translation Available

A Reflected Cross-Site Scripting (XSS) vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the add_supplier.php file via the 'msg' parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HTML via a crafted URL.

https://github.com/meifukun/Web-Security-PoCs/blob/main/Inv…

https://github.com/meifukun/Web-Security-PoCs/blob/main/Inventory-System/XSS-Ad…

CVE-2026-30560

Description

Iscriviti alla newsletter