What is CVE-2026-11520?

CVE-2026-11520 is a low-severity vulnerability, classified under Cross-site Scripting. CVSS score: 3.5/10. Published 2026-06-08.

How severe is CVE-2026-11520?

Low severity. CVSS v3 base score is 3.5 out of 10.

CVE-2026-11520

CVE-2026-11520

A weakness has been identified in SourceCodester Inventory System 1.0. Affected by this issue is some unknown functionality of the file header.php. This manipulation causes cross site scripting. It is possible to initiate the attack remote…

Vulnerability class: XSS (Cross-Site Scripting)

CVSS v3 metric

CVSS v3 base score 3.5 (Low). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N.

Weakness classification (CWE)

CWE-79 — Cross-site Scripting
CWE-94 — Code Injection

References

cna@vuldb.com
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com
cna@vuldb.com

Frequently asked questions

What is CVE-2026-11520?: CVE-2026-11520 is a low-severity vulnerability, classified under Cross-site Scripting. CVSS score: 3.5/10. Published 2026-06-08.
How severe is CVE-2026-11520?: Low severity. CVSS v3 base score is 3.5 out of 10.