Cross-Site Scripting Vulnerability in CityPLus by Beyaz Computer Software Design
CVE-2026-5783

7.6HIGH

Key Information:

Vendor: Beyaz Computer Software Design Industry And Trade Ltd. Co.
Status: Cityplus
Vendor: CVE Published:; 20 May 2026

🔔 Create Beyaz Computer Software Design Industry And Trade Ltd. Co. Vulnerability Alert

What is CVE-2026-5783?

A reflected cross-site scripting vulnerability has been identified in CityPLus, developed by Beyaz Computer Software Design Industry and Trade Ltd. Co. This vulnerability arises from improper input neutralization during web page generation, which could allow an attacker to inject malicious scripts. Users of CityPLus versions prior to V24.29750.1.0 are at risk, as the lack of adequate filtering can lead to exploitation of this flaw, enabling the potential for unauthorized actions and information exposure. Immediate attention is recommended to mitigate risks associated with this vulnerability.

Affected Version(s)

CityPLus 0

References

https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/...

government-resource

CVSS V3.1

Score:

7.6

Severity:

HIGH

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 20, 2026
Vulnerability Reserved
Apr 8, 2026

Credit

Aleyna KABAL

CVE-2026-5783 Data

JSON