CVE-2026-7401 MEDIUM

CVE-2026-7401: SourceCodester CET Automated Grading System with AI Predictive Analytics Registration index.php register cross site scripting

Vendor Sourcecodester

Product CET Automated Grading System with AI Predictive Analytics

Weakness CWE-79 · XSS

Published April 29, 2026

Last update April 29, 2026

View on NVD All CVEs

CVSS base score

5.3/10

Attack vector Network

Attack complexity Low

Privileges required None

User interaction —

Confidentiality —

Integrity —

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P

What the vulnerability does

Description

A vulnerability was detected in SourceCodester CET Automated Grading System with AI Predictive Analytics 1.0. This vulnerability affects unknown code of the file /index.php?action=register of the component Registration. The manipulation of the argument student_id/full_name/section/username results in cross site scripting. The attack can be launched remotely. The exploit is now public and may be used.

Key dates

Disclosure timeline

April 29, 2026 CVE published

April 29, 2026 Record updated

Identifiers

CVE CVE-2026-7401

CWE CWE-79

CVSS 5.3 / MEDIUM

Affected versions

Vendor Sourcecodester

Product CET Automated Grading System with AI Predictive Analytics

Affected 1.0