CVE-2026-9582
Cross-Site Request Forgery in CET Automated Grading System with AI Predictive Analytics
Publication date: 2026-05-26
Last updated on: 2026-05-26
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| sourcecodester | cet_automated_grading_system | 1.0 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-862 | The product does not perform an authorization check when an actor attempts to access a resource or perform an action. |
| CWE-352 | The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a security flaw found in SourceCodester CET Automated Grading System with AI Predictive Analytics version 1.0. It involves an unknown function that can be manipulated to perform a cross-site request forgery (CSRF) attack. This type of attack can be executed remotely, meaning an attacker does not need physical access to the system to exploit it. The exploit for this vulnerability has been publicly released, increasing the risk of attacks.
How can this vulnerability impact me? :
The vulnerability allows an attacker to perform cross-site request forgery attacks remotely. This means an attacker could trick a user into executing unwanted actions on the affected system without their consent. Such actions could lead to unauthorized operations being performed, potentially compromising the integrity of the system or the user's data.