5.3
/ 10
MEDIUM
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:P
Description
A security flaw has been discovered in CodeAstro Complaint Management System 1.0. The affected element is the function deletereport of the file application/controllers/Report.php of the component Report Endpoint. The manipulation results in authorization bypass. The attack can be executed remotely. The exploit has been released to the public and may be used for attacks.
Basic Information
ID
CVE-2026-13549
Source
VulDB
Published
Jun 29, 2026 at 08:00
Affected Product
Vendor
CodeAstro
Product
Complaint Management System
Version
1.0
Affected Versions
CodeAstro Complaint Management System 1.0