CVE-2026-30526 — A Reflected Cross-Site Scripting (XSS) vulnerability exists in SourceCodester…
Image via opengraph.githubassets.com
🚨 CVE-2026-30526 A Reflected Cross-Site Scripting (XSS) vulnerability exists in SourceCodester Zoo Management System v1.0. The vulnerability is located in the login page, specifically within the msg parameter. The application reflects the content of the msg parameter back to the user without proper
Web-Security-PoCs/Zoo-Management-System/Reflected-XSS-Login-msg.md at main · meifukun/Web-Security-PoCs
github.com
What This Means For You
- New vulnerability disclosed — verify if your stack is exposed.
Related ATT&CK Techniques
Indicators of Compromise
| ID | Type | Indicator |
|---|---|---|
| CVE-2026-30526 | XSS | SourceCodester Zoo Management System v1.0, login page, msg parameter, reflected without proper HTML encoding or sanitization |
🛠 Recommended Tools
Source & Attribution
| Source Platform | Telegram |
| Channel | CVE Notify |
| Channel ID | 1129491012 |
| Message ID | 158276 |
| Published | April 07, 2026 at 15:26 UTC |
| Original Link | https://github.com/meifukun/Web-Security-PoCs/blob/main/Z... |
This content was curated and summarized by Shimi's Cyber World for informational purposes. It is not copied or republished in full. All intellectual property rights remain with the original author and source.
Believe this infringes your rights? Submit a takedown request.
Found this interesting? Follow us to stay ahead.
Share