A vulnerability was found in code-projects Online Music Site 1.0 and classified as problematic . This affects an unknown part of the file /Frontend/Feedback.php of the component POST Request Handler . The manipulation of the argument fname/femail/faddress/fmessage results in cross site scripting. This vulnerability is cataloged as CVE-2026-13567 . The attack may be launched remotely. Furthermore, there is an exploit available.