PatchSiren cyber security CVE debrief
CVE-2026-7380 Armiya Information Technologies Ltd. Co. CVE debrief
CVE-2026-7380 is a MEDIUM severity vulnerability in Armiya Information Technologies Ltd. Co. Access Control System (GKS) before Version 2. The vulnerability is an improper neutralization of Script-Related HTML tags in a web page (basic XSS) that allows XSS Targeting HTML Attributes. This issue affects users of Armiya Information Technologies Ltd. Co. Access Control System (GKS) before Version 2. The vulnerability has a CVSS score of 6.1 and a severity of MEDIUM. Users should review and apply patches or updates to version 2 or later.
- Vendor
- Armiya Information Technologies Ltd. Co.
- Product
- Access Control System (GKS)
- CVSS
- MEDIUM 6.1
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-07-07
- Original CVE updated
- 2026-07-07
- Advisory published
- 2026-07-07
- Advisory updated
- 2026-07-07
Who should care
This vulnerability affects users of Armiya Information Technologies Ltd. Co. Access Control System (GKS) before Version 2. Users should review and apply patches or updates to version 2 or later. Implement compensating controls such as web application firewalls and monitor for suspicious activity. Security teams should prioritize patching and vulnerability management for this affected product.
Technical summary
The vulnerability is caused by improper neutralization of Script-Related HTML tags in a web page (basic XSS) in Armiya Information Technologies Ltd. Co. Access Control System (GKS) before Version 2. This allows an attacker to perform XSS Targeting HTML Attributes. The vulnerability affects Armiya Information Technologies Ltd. Co. Access Control System (GKS) before Version 2. Users of affected versions should review and apply patches or updates to version 2 or later.
Defensive priority
MEDIUM
Recommended defensive actions
- Inventory and verify affected versions of Armiya Information Technologies Ltd. Co. Access Control System (GKS)
- Apply patches or updates to version 2 or later
- Implement compensating controls such as web application firewalls
- Monitor for suspicious activity
- Perform regular security audits
- Review and apply vendor guidance
- Track exceptions and retest remediated assets
Evidence notes
The CVE record was published on 2026-07-07T08:16:25.793Z and has not been modified since then. The NVD entry is currently 6.1 MEDIUM. The vulnerability affects Armiya Information Technologies Ltd. Co. Access Control System (GKS) before Version 2. Evidence is limited to CVE and NVD details. Defenders should verify the accuracy of this information with the vendor and consider compensating controls.
Official resources
-
CVE-2026-7380 CVE record
CVE.org
-
CVE-2026-7380 NVD detail
NVD
-
Source item URL
nvd_modified
- Source reference
AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-07-07T08:16:25.793Z and has not been modified since then.