CVE-2026-7230 MEDIUM

CVE-2026-7230: SourceCodester Safety Anger Pad cross site scripting

Vendor Sourcecodester

Product Safety Anger Pad

Weakness CWE-79 · XSS

Published April 28, 2026

Last update April 29, 2026

View on NVD All CVEs

CVSS base score

5.3/10

Attack vector Network

Attack complexity Low

Privileges required None

User interaction —

Confidentiality —

Integrity —

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P

What the vulnerability does

01Description

A vulnerability was found in SourceCodester Safety Anger Pad 1.0. The affected element is an unknown function. The manipulation of the argument angerDisplay results in cross site scripting. The attack may be performed from remote. The exploit has been made public and could be used.

Key dates

02Disclosure timeline

April 28, 2026 CVE published

April 29, 2026 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2026-7230 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/79.html

Related vulnerabilities

04Related CVE

CVE-2015-10019 foxoverflow MySimplifiedSQL MySimplifiedSQL_Examples.php cross site scripting CVE-2021-36843 WordPress Floating Social Media Icon plugin <= 4.3.5 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability CVE-2024-26102 Adobe Experience Manager | Cross-site Scripting (Reflected XSS) (CWE-79) CVE-2024-49633 WordPress DirectoryPress plugin <= 3.6.19 - Cross Site Scripting (XSS) vulnerability CVE-2024-5125 XSS and Open Redirect via SVG File Upload in parisneo/lollms-webui