{"id":81226,"date":"2026-06-29T13:15:07","date_gmt":"2026-06-29T09:45:07","guid":{"rendered":"https:\/\/afaghhosting.net\/blog\/cve-2026-13556-itsourcecode-online-hotel-management-system-post-request-controller-php-edit-cross-site-scripting\/"},"modified":"2026-06-29T13:15:07","modified_gmt":"2026-06-29T09:45:07","slug":"cve-2026-13556-itsourcecode-online-hotel-management-system-post-request-controller-php-edit-cross-site-scripting","status":"publish","type":"post","link":"https:\/\/afaghhosting.net\/blog\/cve-2026-13556-itsourcecode-online-hotel-management-system-post-request-controller-php-edit-cross-site-scripting\/","title":{"rendered":"CVE-2026-13556 &#8211; itsourcecode Online Hotel Management System POST Request controller.php edit cross site scripting"},"content":{"rendered":"<p>CVE ID :CVE-2026-13556<\/p>\n<p>  Published : June 29, 2026, 9:45 a.m. | 2\u00a0hours ago<\/p>\n<p>  Description :A vulnerability was determined in itsourcecode Online Hotel Management System 1.0. This affects an unknown part of the file \/admin\/mod_users\/controller.php?action=edit of the component POST Request Handler. This manipulation of the argument Name causes cross site scripting. The attack may be initiated remotely. The exploit has been publicly disclosed and may be utilized.<\/p>\n<p>  Severity: 0.0 | NA<\/p>\n<p>  Visit the link for more details, such as CVSS details, affected products, timeline, and more&#8230;\u00a0<\/p>\n","protected":false},"excerpt":{"rendered":"<p>CVE ID :CVE-2026-13556 Published : June 29, 2026, 9:45 a.m. | 2\u00a0hours ago Description :A vulnerability was determined in itsourcecode Online Hotel Management System 1.0. This affects an unknown part of the file \/admin\/mod_users\/controller.php?action=edit of the component POST Request Handler. This manipulation of the argument Name causes cross site scripting. The attack may be initiated &hellip;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[26],"tags":[],"class_list":["post-81226","post","type-post","status-publish","format-standard","hentry","category-vulnerability"],"_links":{"self":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/81226","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/comments?post=81226"}],"version-history":[{"count":0,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/81226\/revisions"}],"wp:attachment":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/media?parent=81226"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/categories?post=81226"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/tags?post=81226"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}