PT-2026-7989 · Universal Software · Flexcity/Kiosk
İbrahim Yi̇ği̇tsoy
·
Published
2026-02-13
·
Updated
2026-03-02
·
CVE-2026-1618
CVSS v3.1
8.8
High
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Universal Software Inc. FlexCity/Kiosk versions prior to 1.0.36
Description
An authentication bypass issue exists in Universal Software Inc. FlexCity/Kiosk, potentially allowing privilege escalation. The issue involves using an alternate path or channel to bypass normal authentication procedures.
Recommendations
Update FlexCity/Kiosk to version 1.0.36 or later.
Fix
LPE
Authentication Bypass Using an Alternate Path or Channel
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Flexcity/Kiosk