CVE-2026-3812

MEDIUM

itsourcecode Payroll Management System 1.0 - XSS

Title source: llm

Description

A vulnerability was determined in itsourcecode Payroll Management System 1.0. Affected is an unknown function of the file /manage_employee_allowances.php. This manipulation of the argument ID causes cross site scripting. The attack is possible to be carried out remotely. The exploit has been publicly disclosed and may be utilized.

References (5)

Scores

CVSS v3 4.3
EPSS 0.0005
EPSS Percentile 14.9%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Details

CWE
CWE-94 CWE-79
Status published
Products (1)
angeljudesuarez/payroll_management_system 1.0
Published Mar 09, 2026
Tracked Since Mar 09, 2026