XSS Vulnerability in Armiya Access Control System by Armiya Information Technologies
CVE-2026-7380

6.1MEDIUM

What is CVE-2026-7380?

A vulnerability exists in Armiya Information Technologies' Access Control System (GKS) where improper handling of Script-Related HTML tags can allow an attacker to inject malicious scripts. This type of Cross-Site Scripting (XSS) flaw specifically targets HTML attributes, potentially compromising user data and allowing unauthorized actions. Users of GKS before version 2 are especially at risk, making it crucial to implement security measures to mitigate this threat.

Affected Version(s)

Access Control System (GKS) 0

References

CVSS V3.1

Score:
6.1
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Mert TURAN
.