A vulnerability was found in itsourcecode Online Hotel Management System 1.0 . It has been rated as problematic . This affects an unknown part of the file /admin/mod_users/controller.php?action=edit of the component POST Request Handler . This manipulation of the argument Name causes cross site scripting. This vulnerability appears as CVE-2026-13556 . The attack may be initiated remotely. In addition, an exploit is available.