A vulnerability identified as problematic has been detected in SourceCodester SUP Online Shopping 1.0 . The impacted element is an unknown function of the file /admin/productedit.php . The manipulation of the argument productName leads to cross site scripting. This vulnerability is traded as CVE-2026-9377 . It is possible to initiate the attack remotely. Furthermore, there is an exploit available.