CVE-2026-11520
LowCVSS 3.5Summary
A weakness has been identified in SourceCodester Inventory System 1.0. The issue affects some unknown functionality of the file header.php, leading to cross-site scripting (XSS) attacks.
Risk Assessment
An attacker can remotely exploit this vulnerability to carry out XSS attacks, potentially leading to user data theft or session hijacking.
Recommendation
It is recommended to update the system to the latest version and implement input data filtering to minimize the risk of XSS attacks.
Original NVD description (English source)
A weakness has been identified in SourceCodester Inventory System 1.0. Affected by this issue is some unknown functionality of the file header.php. This manipulation causes cross site scripting. It is possible to initiate the attack remotely. The exploit has been made available to the public and could be used for attacks. Multiple parameters might be affected.

