CVE-2026-12176 MEDIUM

CVE-2026-12176: SourceCodester CET Automated Grading System with AI Predictive Analytics index.php cross site scripting

Vendor Sourcecodester

Product CET Automated Grading System with AI Predictive Analytics

Weakness CWE-79 · XSS

Published June 13, 2026

Last update June 15, 2026

View on NVD All CVEs

CVSS base score

5.3/10

Attack vector Network

Attack complexity Low

Privileges required None

User interaction —

Confidentiality —

Integrity —

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P

What the vulnerability does

Description

A vulnerability has been found in SourceCodester CET Automated Grading System with AI Predictive Analytics 1.0. The impacted element is an unknown function of the file /index.php. The manipulation of the argument action leads to cross site scripting. The attack is possible to be carried out remotely. The exploit has been disclosed to the public and may be used.

Key dates

Disclosure timeline

June 13, 2026 CVE published

June 15, 2026 Record updated

Identifiers

CVE CVE-2026-12176

CWE CWE-79

CVSS 5.3 / MEDIUM

Affected versions

Vendor Sourcecodester

Product CET Automated Grading System with AI Predictive Analytics

Affected 1.0