PT-2026-53231 · Codeastro · Complaint Management System

Ashikmd7

Published

2026-06-29

Updated

2026-06-29

CVE-2026-13549

CVSS v3.1

5.4

Medium

Vector

AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L

A security flaw has been discovered in CodeAstro Complaint Management System 1.0. The affected element is the function deletereport of the file application/controllers/Report.php of the component Report Endpoint. The manipulation results in authorization bypass. The attack can be executed remotely. The exploit has been released to the public and may be used for attacks.

Exploit

Fix

Improper Authorization

IDOR

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-285CWE-639

Related Identifiers

CVE-2026-13549

Affected Products

Complaint Management System

PT-2026-53231 · Codeastro · Complaint Management System

CVE-2026-13549

Weakness Enumeration

Related Identifiers

Affected Products

References · 7