Medium severity4.3NVD Advisory· Published May 25, 2026· Updated May 26, 2026
CVE-2026-9448
CVE-2026-9448
Description
A vulnerability was determined in code-projects Employee Management System 1.0. This affects an unknown function of the file /applyleave.php. Executing a manipulation of the argument ID can lead to cross site scripting. The attack may be performed from remote. The exploit has been publicly disclosed and may be utilized.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: =1.0
Patches
Vulnerability mechanics
References
5News mentions
1- Code Projects Employee Management System: Nine SQLi and XSS Flaws Disclosed in a Single BatchVypr Intelligence · May 25, 2026