CVE-2026-14656
Last modified
CVE-2026-14656 is a medium-severity vulnerability rated 4.3/10 on the CVSS scale. A security vulnerability has been detected in code-projects Assessment Management 1.0. This affects an unknown part of the file /admin/remove-user.php. EPSS estimates a 0.44% chance of exploitation in the next 30 days.
Description
A security vulnerability has been detected in code-projects Assessment Management 1.0. This affects an unknown part of the file /admin/remove-user.php. The manipulation of the argument ID leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed publicly and may be used.
Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Weakness Enumeration
Affected Software
Source: CNA advisory (CVE.org). NVD analysis pending.
| Vendor | Product | Versions |
|---|---|---|
| code-projects | Assessment Management | 1.0 |
References
Timeline
- Published
- Last Modified
- Status
- Deferred
Frequently Asked Questions
What is CVE-2026-14656?
How severe is CVE-2026-14656?
How do I fix CVE-2026-14656?
Related CVEs from 2026
- CVE-2026-14650A flaw has been found in connorskees grass up to 0.13.4. The…3.3
- CVE-2026-14651A vulnerability has been found in connorskees grass up to 0.…3.3
- CVE-2026-14652A vulnerability was found in SourceCodester Simple and Nice …7.3
- CVE-2026-14653A vulnerability was determined in SourceCodester Simple and …7.3
- CVE-2026-14654A vulnerability was identified in SourceCodester Simple and …7.3
- CVE-2026-14655A weakness has been identified in code-projects Assessment M…2.4
- CVE-2026-14657A flaw has been found in code-projects Assessment Management…6.3
- CVE-2026-14658A vulnerability was detected in code-projects Assessment Man…6.3
- CVE-2026-14659A vulnerability has been found in itsourcecode Hospital Mana…6.3
- CVE-2026-1466Jirafeau normally prevents browser preview for text files du…6.1
- CVE-2026-14660A vulnerability was found in code-projects Online Job Portal…7.3
- CVE-2026-1467A flaw was found in libsoup, an HTTP client library. This vu…5.3
Are you affected by CVE-2026-14656?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST
