CVE-2026-9527 PUBLISHED

A vulnerability was determined in itsourcecode Electronic Judging System 1.0. This issue affects some unknown processing of the file /admin/judges.php. This manipulation of the argument fname causes cross site scripting. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and may be utilized.

• i-OvO-i (VulDB User) reporter

• VDB-365546 | itsourcecode Electronic Judging System judges.php cross site scripting
• VDB-365546 | CTI Indicators (IOB, IOC, TTP, IOA)
• Submit #814715 | itsourcecode Electronic Judging System V1.0 cross site scripting
• https://github.com/i-QvQ-i/first-OvO/issues/1
• https://itsourcecode.com/

• Cross Site Scripting CWE
• Code Injection CWE