CVE-2026-3302 PUBLISHED

A weakness has been identified in SourceCodester Doctor Appointment System 1.0. Affected by this issue is some unknown functionality of the file /register.php of the component Sign Up Page. Executing a manipulation of the argument Email can lead to cross site scripting. The attack can be launched remotely. The exploit has been made available to the public and could be used for attacks.

• waimanlo (VulDB User) reporter

• VDB-348053 | SourceCodester Doctor Appointment System Sign Up register.php cross site scripting
• VDB-348053 | CTI Indicators (IOB, IOC, TTP, IOA)
• Submit #762427 | SourceCodester Doctor Appointment System 1 Cross Site Scripting
• https://github.com/rayficom/Proof-of-Concept/blob/main/20260219/README.md
• https://www.sourcecodester.com/

• Cross Site Scripting CWE
• Code Injection CWE