Cross-Site Scripting Vulnerability in Armiya Information Technologies Ltd. Co. Access Control System
CVE-2026-8306

6.1MEDIUM

What is CVE-2026-8306?

A cross-site scripting vulnerability exists in Armiya Information Technologies Ltd. Co. Access Control System (GKS), allowing attackers to inject malicious scripts into web pages generated by the application. When these compromised pages are rendered in a user's browser, the injected scripts can execute, potentially compromising sensitive user data or session information. This vulnerability affects versions of the Access Control System (GKS) prior to Version 2, necessitating prompt updates to mitigate the risk of exploitation.

Affected Version(s)

Access Control System (GKS) 0

References

CVSS V3.1

Score:
6.1
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Mert TURAN
.