A vulnerability was found in SourceCodester Ship Ferry Ticket Reservation System 1.0 . It has been rated as problematic . Impacted is an unknown function of the file /admin/?page=user/manage_user . The manipulation of the argument Username leads to cross site scripting. This vulnerability is traded as CVE-2026-11338 . It is possible to initiate the attack remotely. Furthermore, there is an exploit available.