CVE-2026-11338
Published: Fri, 05 Jun 2026 17:16
Summary
A security vulnerability has been detected in SourceCodester Ship Ferry Ticket Reservation System 1.0. Impacted is an unknown function of the file /admin/?page=user/manage_user. The manipulation of th
Details
A security vulnerability has been detected in SourceCodester Ship Ferry Ticket Reservation System 1.0. Impacted is an unknown function of the file /admin/?page=user/manage_user. The manipulation of the argument Username leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed publicly and may be used.
Are YOU affected by CVE-2026-11338?
5-second check on your actual server. Reads /etc/os-release, uname -r, and dpkg-query; matches against the live USN + Debian Security Tracker feeds; tells you whether CVE-2026-11338 (and any other live CVE) applies. Anonymous, no signup.
curl https://mindsparkstack.com/scan.sh | bash
References
- https://medium.com/@hemantrajbhati5555/stored-cross-site-scripting-stored-xss-in-username-field-leads-to-arbitrary-javascript-execution-cd377841da30
- https://vuldb.com/cve/CVE-2026-11338
- https://vuldb.com/submit/832571
- https://vuldb.com/vuln/368880
- https://vuldb.com/vuln/368880/cti
- https://www.sourcecodester.com/
- https://medium.com/@hemantrajbhati5555/stored-cross-site-scripting-stored-xss-in-username-field-leads-to-arbitrary-javascript-execution-cd377841da30
StackPatch runs this match against YOUR installed packages every hour
Free 1-server / $99 lifetime founder seat (50 only) / $19+/mo monthly. Indie pricing.