What is CVE-2026-9485?

CVE-2026-9485 is a low-severity vulnerability in Sourcecodester Student Grades Management System, classified under Cross-site Scripting. CVSS score: 3.5/10. Published 2026-05-25.

How severe is CVE-2026-9485?

Low severity. CVSS v3 base score is 3.5 out of 10.

RCE in Sourcecodester Student Grades Management System

CVE-2026-9485

A vulnerability was identified in SourceCodester Student Grades Management System 1.0. Affected by this issue is some unknown functionality of the file students.php. The manipulation of the argument Remarks leads to cross site scripting. R…

Vulnerability class: XSS (Cross-Site Scripting)

EPSS: 0.000 (9.5th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 3.5 (Low). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N.

Affected products

Sourcecodester Student Grades Management System — versions 1.0

Weakness classification (CWE)

References

cna@vuldb.com (technical-description, vdb-entry)
cna@vuldb.com (signature, permissions-required)
cna@vuldb.com (third-party-advisory)
cna@vuldb.com (exploit)
cna@vuldb.com (product)

Frequently asked questions

What is CVE-2026-9485?: CVE-2026-9485 is a low-severity vulnerability in Sourcecodester Student Grades Management System, classified under Cross-site Scripting. CVSS score: 3.5/10. Published 2026-05-25.
How severe is CVE-2026-9485?: Low severity. CVSS v3 base score is 3.5 out of 10.