CVE-2026-26723

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2026-26723
Cross Site Scripting vulnerability in Key Systems Inc Global Facilities Management Software v. 20230721a allows a remote attacker to execute arbitrary code via the function parameter.

8.2 /10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 4.7

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact HIGH

Integrity Impact LOW

Availability Impact NONE

Scope CHANGED

References
Link Resource
https://github.com/chndlrx/vulnerability-disclosures/tree/main/CVE-2026-26723 Exploit Third Party Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:keystorage:global_facilities_management_software:20230721a:*:*:*:*:*:*:*
History

No history.

Information

Published : 2026-02-20 17:25

Updated : 2026-02-26 17:55

NVD link : CVE-2026-26723

Mitre link : CVE-2026-26723

CVE.ORG link : CVE-2026-26723

JSON object : View

Products Affected

keystorage

  • global_facilities_management_software
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')