CVE-2026-4969

CWE-79Cross-site Scripting (XSS)CWE-94Code Injection3 documents3 sources
Severity
5.1MEDIUM
EPSS
0.0%
top 91.13%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Code-projects Social Networking Site
Timeline
PublishedMar 27

Description

A vulnerability was identified in code-projects Social Networking Site 1.0. The impacted element is an unknown function of the file /home.php of the component Alert Handler. The manipulation of the argument content leads to cross site scripting. Remote exploitation of the attack is possible. The exploit is publicly available and might be used.

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N

Affected Packages1 packages

🔴Vulnerability Details

2
CVEList
code-projects Social Networking Site Alert home.php cross site scripting2026-03-27
GHSA
GHSA-gchw-hcqm-7h5r: A vulnerability was identified in code-projects Social Networking Site 12026-03-27
CVE-2026-4969 (MEDIUM CVSS 5.1) | A vulnerability was identified in c | cvebase.io