Vulnerability Details CVE-2026-30570
A Reflected Cross-Site Scripting (XSS) vulnerability exists in SourceCodester Sales and Inventory System 1.0 in the view_sales.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HTML via a crafted URL
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 23.0%
CVSS Severity
CVSS v3 Score 6.1
References
Products affected by CVE-2026-30570
-
cpe:2.3:a:ahsanriaz26gmailcom:inventory_system:1.0