PatchSiren cyber security CVE debrief
CVE-2026-12176 SourceCodester CVE debrief
A vulnerability has been found in SourceCodester CET Automated Grading System with AI Predictive Analytics 1.0. The impacted element is an unknown function of the file /index.php. The manipulation of the argument action leads to cross site scripting. The attack is possible to be carried out remotely. The exploit has been disclosed to the public and may be used.
- Vendor
- SourceCodester
- Product
- CET Automated Grading System with AI Predictive Analytics
- CVSS
- LOW 2.1
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-06-14
- Original CVE updated
- 2026-06-14
- Advisory published
- 2026-06-14
- Advisory updated
- 2026-06-14
Who should care
Users of SourceCodester CET Automated Grading System with AI Predictive Analytics 1.0 should apply patches or mitigations to prevent cross-site scripting attacks.
Technical summary
The vulnerability exists in the /index.php file of SourceCodester CET Automated Grading System with AI Predictive Analytics 1.0. An unknown function is affected by the 'action' argument, which can be manipulated to execute cross-site scripting (XSS) attacks. The CVSS score for this vulnerability is 2.1, indicating a low severity.
Defensive priority
Low
Recommended defensive actions
- Apply patches or updates provided by the vendor to fix the vulnerability.
- Implement input validation and output encoding to prevent cross-site scripting attacks.
- Use a web application firewall (WAF) to detect and prevent XSS attacks.
Evidence notes
The vulnerability was reported by an unknown vendor and has a low confidence level. The CVE record was published on June 14, 2026, and has not been modified since then.
Official resources
public