CVE-2026-36324

Severity CVSS v4.0:

Pending analysis

Type:

Unavailable / Other

Publication date:

29/05/2026

Last modified:

29/05/2026

Description

SourceCodester Doctor Appointment System 1.0 is vulnerable to Cross Site Scripting (XSS) due to improper handling of user supplied input in the user registration functionality in register.php.

Impact

References to Advisories, Solutions, and Tools

https://github.com/adhiyaksactf/MyCVE-Disclosures/blob/main/rems-DoctorAppointmentSystem/CVE-2026-36324/README.md
https://www.sourcecodester.com/php/18453/doctor-appointment-system-using-php-and-mysql-source-code.html