CVE-2026-3984

low

Published 2026-03-12 · Modified 2026-04-29

CVSS v3

3.5

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N

CVSS v2

4.0

VIR risk

3.5

Description

A weakness has been identified in Campcodes Division Regional Athletic Meet Game Result Matrix System 2.1. This vulnerability affects unknown code of the file save_up_athlete.php. This manipulation of the argument a_name causes cross site scripting. It is possible to initiate the attack remotely. The exploit has been made available to the public and could be used for attacks.

Predictions

Exploit likelihood

45%

Patch ETA

—

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

No vendor mitigations ingested yet for this CVE. The mitigation-content worker queues fetches as references arrive — check back in a few minutes, or see the references list below.

References

https://github.com/LaneyYu/cve/issues/11
https://vuldb.com/?ctiid.350420
https://vuldb.com/?id.350420
https://vuldb.com/?submit.769721
https://www.campcodes.com/

CWEs

CWE-79 CWE-94

Verify integrity in audit chain (admin only). AS-IS.