CVE-2026-9485

CVE Database · CVE-2026-9485

CVE-2026-9485

· LOWDeferred

CVSS v3.1

3.5

CVSS v4.0

2.0

EPSS

0.25%

Published

May 25, 2026

Modified

May 26, 2026

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

A vulnerability was identified in SourceCodester Student Grades Management System 1.0. Affected by this issue is some unknown functionality of the file students.php. The manipulation of the argument Remarks leads to cross site scripting. Remote exploitation of the attack is possible. The exploit is publicly available and might be used.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N

Weaknesses (CWE)

CWE-79CWE-94

References (5)

https://github.com/Jack-MRJ/Student-Grades-Management-System-Vulnerability-Report

https://vuldb.com/submit/814043

https://vuldb.com/vuln/365466

https://vuldb.com/vuln/365466/cti

https://www.sourcecodester.com/

KEV Catalog EPSS Scores Vendors All CVEs