EUVD-2026-16803

| CVE-2026-4971 MEDIUM
2026-03-27 VulDB
5.3
CVSS 4.0
Share

CVSS Vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
P
Scope
X

Lifecycle Timeline

4
PoC Detected
Mar 30, 2026 - 13:26 vuln.today
Public exploit code
Analysis Generated
Mar 27, 2026 - 19:30 vuln.today
EUVD ID Assigned
Mar 27, 2026 - 19:30 euvd
EUVD-2026-16803
CVE Published
Mar 27, 2026 - 19:15 nvd
MEDIUM 5.3

Tags

CSRF

Description

A weakness has been identified in SourceCodester Note Taking App up to 1.0. This impacts an unknown function. This manipulation causes cross-site request forgery. The attack is possible to be carried out remotely. The exploit has been made available to the public and could be used for attacks. If you want to get best quality of vulnerability data, you may have to visit VulDB.

Analysis

Cross-site request forgery (CSRF) in SourceCodester Note Taking App up to version 1.0 allows remote attackers to perform unauthorized actions via crafted requests, exploiting lack of CSRF token validation. The vulnerability requires user interaction (clicking a malicious link) but carries no authentication barrier. …

Sign in for full analysis, threat intelligence, and remediation guidance.

Remediation

Within 30 days: Identify affected systems running SourceCodester Note Taking App and apply vendor patches as part of regular patch cycle. Verify anti-CSRF tokens are enforced.

Sign in for detailed remediation steps.

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

Sign in - Free

Priority Score

47
Low Medium High Critical
KEV: 0
EPSS: +0.0
CVSS: +26
POC: +20

Share

EUVD-2026-16803 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy