Low severity3.5NVD Advisory· Published May 25, 2026· Updated May 26, 2026
CVE-2026-9414
CVE-2026-9414
Description
A security flaw has been discovered in SourceCodester Indian Invoicing System up to 0.x/1.0. The impacted element is an unknown function of the file /Invoicing/add_order.php of the component Invoice Template Render Database-Backed. The manipulation of the argument customer_name results in cross site scripting. The attack may be launched remotely. The exploit has been released to the public and may be used for attacks.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: <=1.0
Patches
Vulnerability mechanics
References
5News mentions
1- Sourcecodester: 19 CVEs Across Six Products Disclosed in Three-Day BatchVypr Intelligence · May 26, 2026