Skip to main content

Cityplus

1 CVEs product

Monthly

CVE-2026-5783 HIGH This Week

Reflected cross-site scripting in Beyaz Computer Software's CityPLus application (versions before V24.29750.1.0) allows remote attackers to inject malicious script into web responses that execute in a victim's browser after the victim clicks a crafted link. The CVSS 7.6 score is elevated by a High Availability impact, suggesting the XSS payload can crash or render the application unusable beyond typical session-theft outcomes. No public exploit identified at time of analysis and the issue was reported by TR-CERT (Turkey's national CERT).

XSS Cityplus
NVD
CVSS 3.1
7.6
EPSS
0.0%
EPSS 0% CVSS 7.6
HIGH This Week

Reflected cross-site scripting in Beyaz Computer Software's CityPLus application (versions before V24.29750.1.0) allows remote attackers to inject malicious script into web responses that execute in a victim's browser after the victim clicks a crafted link. The CVSS 7.6 score is elevated by a High Availability impact, suggesting the XSS payload can crash or render the application unusable beyond typical session-theft outcomes. No public exploit identified at time of analysis and the issue was reported by TR-CERT (Turkey's national CERT).

XSS Cityplus
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy