PT-2026-21252 · Key Systems · Global Facilities Management

Chndlrx

Publicado

2026-02-20

Atualizado

2026-02-26

CVE-2026-26723

CVSS v3.1

8.2

Alta

Vetor

AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N

Name of the Vulnerable Software and Affected Versions Key Systems Inc Global Facilities Management Software version 20230721a

Description A Cross Site Scripting issue exists in Key Systems Inc Global Facilities Management Software version 20230721a. This allows a remote attacker to execute arbitrary code through a function parameter. The vulnerable component is a function that does not properly sanitize input, potentially leading to the injection of malicious scripts.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

XSS

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-79

Identificadores relacionados

CVE-2026-26723

Produtos afetados

Global Facilities Management

PT-2026-21252 · Key Systems · Global Facilities Management

CVE-2026-26723

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 6