Cross-Site Scripting Vulnerability in Armiya Information Technologies' Access Control System
CVE-2026-8309

5.4MEDIUM

What is CVE-2026-8309?

A vulnerability has been identified in the Access Control System (GKS) by Armiya Information Technologies, allowing for improper handling of input during web page generation. This flaw can lead to reflected cross-site scripting (XSS), potentially enabling attackers to execute arbitrary scripts in the context of users' browsers. Such exploitation could compromise user sessions, deface web content, or redirect users to malicious sites. It is crucial for users of versions prior to 2 to implement security measures to mitigate this risk.

Affected Version(s)

Access Control System (GKS) 0

References

CVSS V3.1

Score:
5.4
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Mert TURAN
.