CVE-2026-3819

EUVD-2026-10336
A vulnerability has been found in SourceCodester Resort Reservation System 1.0. The affected element is an unknown function of the file /?page=manage_reservation of the component Reservation Management Module. Such manipulation of the argument ID leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Cross-site Scripting
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
3.5 LOW
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N
VulDBCNA
3.5 LOW
CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Affected Products (NVD)
VendorProductVersion
oretnom23resort_reservation_system
1.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://medium.com/@rvpipalwa/stored-cross-site-scripting-xss-in-reservation-management-sourcecodester-resort-reservation-894ee77d7312
https://vuldb.com/?ctiid.349785
https://vuldb.com/?id.349785
https://vuldb.com/?submit.769578
https://www.sourcecodester.com/