CVE-2026-0580

LOW 3.5

SourceCodester API Key Manager App Import Key cross site scripting

CVSS Score

3.5

EPSS Score

0.0%

EPSS Percentile

0th

A vulnerability was found in SourceCodester API Key Manager App 1.0. Affected by this vulnerability is an unknown functionality of the component Import Key Handler. Performing a manipulation results in cross site scripting. The attack can be initiated remotely.

CWE	CWE-79 CWE-94
Vendor	sourcecodester
Product	api key manager app
Published	Jan 5, 2026
Last Updated	Feb 23, 2026

Stay Ahead of the Next One

Get instant alerts for sourcecodester api key manager app

Be the first to know when new low vulnerabilities affecting sourcecodester api key manager app are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality

Integrity

Availability

Affected Versions

SourceCodester / API Key Manager App

1.0

References

NVD ↗ CVE.org ↗ EPSS Data ↗

vuldb.com: https://vuldb.com/?id.339472 vuldb.com: https://vuldb.com/?ctiid.339472 vuldb.com: https://vuldb.com/?submit.731146 vuldb.com: https://vuldb.com/?submit.731290 sourcecodester.com: https://www.sourcecodester.com/

Credits

🔍 Kamran Saifullah (VulDB User)