CVE-2026-13504

A vulnerability has been found in code-projects Project Management System 1.0. This vulnerability affects unknown code of the file /mail.php of the component Mail Compose Page. Such manipulation leads to cross site scripting. The attack may be performed from remote. The exploit has been disclosed to the public and may be used.
Configurations

No configuration.

History

28 Jun 2026, 16:16

Type Values Removed Values Added
New CVE

Information

Published : 2026-06-28 16:16

Updated : 2026-06-30 18:16


NVD link : CVE-2026-13504

Mitre link : CVE-2026-13504

CVE.ORG link : CVE-2026-13504


JSON object : View

Products Affected

No product.

CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CWE-94

Improper Control of Generation of Code ('Code Injection')