CVE-2026-26724
Published
CVSS v3
7.6
HIGH
CVSS v2
N/A
Affected
1
PROJECT
Description
Cross Site Scripting vulnerability in Key Systems Inc Global Facilities Management Software v. 20230721a allows a remote attacker to execute arbitrary code via the selectgroup and gn parameters on the /?Function=Groups endpoint.
Public disclosures of software vulnerabilities discovered and responsibly reported by Chandler Johnson. Includes CVEs, technical writeups, and proof-of-concepts.
GitHub