{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata. Fed continuously.","feed_url":"https://feed.craftedsignal.io/vendors/beyaz-computer-software-design-industry-and-trade-ltd.-co./feed.json","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cpes":[],"_cs_cves":[{"cvss":7.6,"id":"CVE-2026-5783"}],"_cs_exploited":false,"_cs_has_poc":false,"_cs_poc_references":[],"_cs_products":["CityPLus"],"_cs_severities":["medium"],"_cs_tags":["cve","xss","reflected-xss","web-application"],"_cs_type":"advisory","_cs_vendors":["Beyaz Computer Software Design Industry and Trade Ltd. Co."],"content_html":"\u003cp\u003eBeyaz Computer Software Design Industry and Trade Ltd. Co.\u0026rsquo;s CityPLus software is vulnerable to a reflected cross-site scripting (XSS) vulnerability, identified as CVE-2026-5783. This vulnerability affects CityPLus versions prior to V24.29750.1.0. A remote attacker can exploit this vulnerability by injecting arbitrary web scripts into a CityPLus web page. When a user visits the crafted URL, the injected script executes in the user\u0026rsquo;s browser within the context of the CityPLus website. This can lead to information disclosure, session hijacking, or defacement of the website. Defenders should ensure CityPLus is updated to the latest version to mitigate this risk.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eThe attacker crafts a malicious URL containing a JavaScript payload designed to execute in the context of CityPLus. This payload is often URL-encoded.\u003c/li\u003e\n\u003cli\u003eThe attacker distributes the crafted URL to potential victims, often through phishing emails, social media, or other methods.\u003c/li\u003e\n\u003cli\u003eA victim clicks on the malicious URL, which directs their web browser to a vulnerable CityPLus endpoint.\u003c/li\u003e\n\u003cli\u003eThe CityPLus application fails to properly sanitize the input provided in the URL, reflecting the malicious JavaScript payload in the server\u0026rsquo;s response.\u003c/li\u003e\n\u003cli\u003eThe victim\u0026rsquo;s web browser receives the HTML response from the server, which includes the unsanitized JavaScript payload.\u003c/li\u003e\n\u003cli\u003eThe victim\u0026rsquo;s browser executes the malicious JavaScript code, believing it to be a legitimate part of the CityPLus website.\u003c/li\u003e\n\u003cli\u003eThe attacker\u0026rsquo;s JavaScript code can perform actions such as stealing cookies, redirecting the user to a malicious website, or modifying the content of the CityPLus page.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of the reflected XSS vulnerability (CVE-2026-5783) in CityPLus could allow an attacker to execute arbitrary JavaScript code in the victim\u0026rsquo;s browser. This could result in session hijacking, where the attacker gains control of the user\u0026rsquo;s CityPLus session. The attacker could also redirect the user to a malicious website, steal sensitive information, or deface the CityPLus website. The severity of the impact depends on the privileges of the compromised user and the sensitive information accessible through the CityPLus application.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade CityPLus to version V24.29750.1.0 or later to patch CVE-2026-5783.\u003c/li\u003e\n\u003cli\u003eDeploy the Sigma rule \u0026ldquo;Detect CVE-2026-5783 Exploitation — Suspicious URI Query Parameters\u0026rdquo; to identify potential exploitation attempts.\u003c/li\u003e\n\u003cli\u003eEducate users about the risks of clicking on suspicious links in emails or on social media to prevent initial access.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-05-20T16:17:20Z","date_published":"2026-05-20T16:17:20Z","id":"https://feed.craftedsignal.io/briefs/2026-05-cityplus-xss/","summary":"CVE-2026-5783 is a reflected cross-site scripting (XSS) vulnerability in Beyaz Computer Software Design Industry and Trade Ltd. Co. CityPLus before version V24.29750.1.0, allowing attackers to inject malicious scripts into web pages viewed by users.","title":"CVE-2026-5783: CityPLus Reflected XSS Vulnerability","url":"https://feed.craftedsignal.io/briefs/2026-05-cityplus-xss/"}],"language":"en","title":"CraftedSignal Threat Feed — Beyaz Computer Software Design Industry and Trade Ltd. Co.","version":"https://jsonfeed.org/version/1.1"}