What is the official website of Allianz ?

The official website of Allianz is https://www.allianz.com/en.html.

What is Allianz's cybersecurity risk score?

Allianz has an AI-generated cybersecurity risk score of 710 out of 1000, indicating a Moderate security posture according to Rankiteo's assessment.

How many security incidents has Allianz experienced?

According to Rankiteo, Allianz currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.

Has Allianz been affected by any supply chain cyber incidents ?

According to Rankiteo, Allianz has been affected by a supply chain cyber incident involving Snowflake, with the incident ID MEREQUUNIMAEMGMGOOTOYSNOALLORARIPTIC1775528897.

Does Allianz have SOC 2 Type 1 certification ?

According to Rankiteo, Allianz is not certified under SOC 2 Type 1.

Does Allianz have SOC 2 Type 2 certification ?

According to Rankiteo, Allianz does not hold a SOC 2 Type 2 certification.

Does Allianz comply with GDPR ?

According to Rankiteo, Allianz is not listed as GDPR compliant.

Does Allianz have PCI DSS certification ?

According to Rankiteo, Allianz does not currently maintain PCI DSS compliance.

Does Allianz comply with HIPAA ?

According to Rankiteo, Allianz is not compliant with HIPAA regulations.

Does Allianz have ISO 27001 certification ?

According to Rankiteo,Allianz is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.

Which industry does Allianz operate in ?

Allianz operates primarily in the Financial Services industry.

How many employees does Allianz have ?

Allianz employs approximately 140,160 people worldwide.

Does Allianz own any subsidiaries ?

Allianz presently has no subsidiaries across any sectors.

How many LinkedIn followers does Allianz have ?

Allianz's official LinkedIn profile has approximately 1,192,279 followers.

What is the NAICS classification code for Allianz ?

Allianz is classified under the NAICS code 52, which corresponds to Finance and Insurance.

Does Allianz have a Crunchbase profile ?

Yes, Allianz has an official profile on Crunchbase, which can be accessed here: https://www.crunchbase.com/organization/allianz.

Does Allianz have a LinkedIn profile ?

Yes, Allianz maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/allianz.

How many cybersecurity incidents has Allianz experienced ?

As of June 14, 2026, Rankiteo reports that Allianz has experienced 9 cybersecurity incidents.

How many peer or competitor companies does Allianz have ?

Allianz has an estimated 32,081 peer or competitor companies worldwide.

What types of cybersecurity incidents has Allianz faced ?

Incident Types: The types of cybersecurity incidents that have occurred include Breach, Cyber Attack and Ransomware.

NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop

WindowsmacOSLinux

Download

Badge your company to reduce your risk score and your cyber insurance costs!

Link verified badges to your company page to build trust with insurers and customers.

Apply now and get your badge!

Internal validation & live display

Insurers and partners see a safer profile

Faster underwriting decisions

Trusted by insurers. Chosen by leaders.

Proud contributor to the Society of Actuaries.

Allianz

Boost Score +25 with badge (5 left)

710

/1000

Moderate

735

/1000

Moderate

Allianz Vendor Cyber Rating & Cyber Score

allianz.com

cb in

Add Your Compliance Badge

The Allianz Group is one of the world's leading insurers and asset managers with more than 100 million private and corporate customers in nearly 70 countries. We are proud to be the Worldwide Insurance Partner of the Olympic & Paralympic Movements from 2021 until 2032 and to be recognized as one of the industry leaders in the Dow Jones Sustainability Index. Caring for our employees, their ambitions, dreams and challenges is what makes us a unique employer. Together we can build an environment where everyone feels empowered and has the confidence to explore, to grow and to shape a better future for our customers and the world around us. Join us and together, let’s care for tomorrow. Credits:

Allianz A.I CyberSecurity Scoring

Scoring History

Allianz

Allianz CyberSecurity News & History

Past Incidents

Attack Types

Entity

Type

Severity

Impact

Seen

Blog Details

Supply Chain Source

Incident Details

View

Allianz

Ransomware

100

12/2025

Snowflake

MEREQUUNIMAEMGM...

Allianz

Breach

10/2025

ALL229272210012...

Allianz

Ransomware

100

8/2025

ALL316081425

Allianz Life

Breach

7/2025

ALL1772058877

Allianz

Cyber Attack

7/2025

ALL259272510012...

Allianz

Breach

100

5/2025

ALL505090325

Allianz

Breach

6/2024

ALL003320010032...

Allianz

Breach

4/2024

ALL841080425

Allianz

Ransomware

100

01/2023

ALL435050724

Loading…

A.I.

Allianz Company Scoring based on AI Models

Cyber Incidents Likelihood 3 - 6 - 9 months

Actual

Prediction

Incident Predictions locked

Access Monitoring Plan

A.I Risk Score Likelihood 3 - 6 - 9 months

Actual

Prediction A

Prediction B

Prediction C

Prediction D

A.I. Risk Score Predictions locked

Access Monitoring Plan

Loading…

Underwriter Stats for Allianz

Incidents vs Financial Services Industry Avg (This Year)

No incidents recorded for Allianz in 2026.

Incidents vs All-Companies Average (This Year)

No incidents recorded for Allianz in 2026.

Incident Types Allianz vs Financial Services Industry Avg (This Year)

No incidents recorded for Allianz in 2026.

Incident History - Allianz (X = Date, Y = Severity)

Loading…

SUBSIDIARY

Allianz Subsidiaries

Allianz

Financial Services

Website: https://www.allianz.com/en.html

Company Size: 10,001+ employees

Allianz PartnersInsurance

Allianz Global Assistance CanadaInsurance

Allianz Partners BrasilInsurance

Allianz Partners FranceInsurance

Allianz Partners EspañaInsurance

Allianz Partners AustraliaInsurance

Allianz Partners TürkiyeConsumer Services

Allianz Partners UK and IrelandInsurance

Allianz Partners IndiaInsurance

Allianz Partners PortugalInsurance

Allianz Partners ItalyInsurance

Allianz Partners APAC & MEAInsurance

Allianz Partners NederlandInsurance

Allianz Partners USAInsurance

Allianz Partners New ZealandInsurance

Allianz Partners BelgiumInsurance

Allianz Partners DeutschlandInsurance

Allianz Partners Nordic & BalticsInsurance

Allianz Partners JapanFinancial Services

Allianz Partners MalaysiaFinancial Services

Allianz Partners ColombiaAdministrative and Support Services

Allianz Partners SwitzerlandInsurance

Allianz Partners RéunionBusiness Consulting and Services

Allianz Partners PolskaInsurance

Allianz Partners MexicoInsurance

PIMCOInvestment Management

Allianz Global InvestorsFinancial Services

Allianz Global Investors FranceFinancial Services

アリアンツ・グローバル・インベスターズ・ジャパンFinancial Services

risklab - the Investment and Risk Advisory Experts of Allianz Global InvestorsFinancial Services

Allianz Global Investors DACHFinancial Services

Allianz Global Investors ItaliaFinancial Services

Allianz Global Investors EspañaFinancial Services

Allianz BrasilInsurance

Allianz TechnologyIT Services and IT Consulting

Loading…

Allianz Similar Companies

Equifax

equifax.com

At Equifax (NYSE: EFX), we believe knowledge drives progress. As a global data, analytics, and technology company, we play an essential role in the global economy by helping financial institutions, companies, employers, and government agencies make critical decisions with greater confidence. Our unique blend of differentiated data, analytics, and cloud technology drives insights to power decisions to move people forward. Headquartered in Atlanta and supported by nearly 15,000 employees worldwide, Equifax operates or has investments in 24 countries in North America, Central and South America, Europe, and the Asia Pacific region. For more information, visit Equifax.com.

HDB Financial Services Ltd.

cb hdbfs.com

HDB Financial Services (HDBFS) is a leading Non-Banking Financial Company (NBFC) that caters to the growing needs of an Aspirational India, serving both Individual & Business Clients The lines of business include - Lending and BPO Services. Incorporated in 2007, HDB is a well-established business with strong capitalization. HDBFS is accredited with CARE AAA & CRISIL AAA ratings for its long-term debt & Bank facilities and an Al+ rating for its short-term debt & commercial papers, making it a strong and reliable financial institution. HDB has a robust network of more than 1740 branches in 1158 cities, thus catering to a wide reach of customers. The organsation offers a comprehensive bouquet of products and service offerings that are tailor-made to suit its customers’ requirements, including first-time borrowers and the underserved segments. The product portfolio includes Personal Loan, Business Loan, Loan Against Property, Enterprise Business Loan, Gold Loan, Car Loans, Loan Against Securities, Commercial Vehicle Loan, Construction Equipment Loan and Consumer Durable Loan. HDB’s BPO services offerings include running collection call centers, sales support services, back office operations and processing support services.

Tata Capital

cb tatacapital.com

Tata Capital Limited is a subsidiary of Tata Sons Limited. The Company is registered with the Reserve Bank of India as a Core Investment Company and offers through itself and its subsidiaries fund and fee-based financial services to its customers, under the Tata Capital brand. As a trusted and customer-centric, one-stop financial services provider, Tata Capital caters to the diverse needs of retail, corporate and institutional customers, across various areas of business namely the Commercial Finance, Infrastructure Finance, Cleantech Finance, Wealth Management, Consumer Loans and distribution and marketing of Tata Cards. Tata Capital has over 500+ branches spanning all critical markets in India.

Westpac Group

westpac.com.au

From rescue helicopters to signing the Equator Principles, from paying super during parental leave to adding 'Touch ID' biometric technology to our banking apps and being first on the scene with a helping hand in times of crisis... we have a proud history of stepping up to be first for our customers, communities and people. As Australia’s first bank and Australia’s first company we put service at the heart of everything we do and our people are our priority. We've grown up as a company and expanded both in Australia and throughout Asia, the United Kingdom and the United States. Now we are made up of your favourite financial institution names including Westpac, BankSA, St.George Bank, BT Financial Group, RAMs and Bank of Melbourne, a change of job doesn’t mean a change of employer at Westpac Group. We've made a commitment to put our customers first in everything we do. This means creating fundamentally superior customer experiences for each customer, every time. We promise that when you meet with someone from Westpac Group, you'll be touched by their genuine dedication to helping our customers prosper and grow. Westpac Group acknowledges the traditional owners as the custodians of this land, recognising their connection to land, waters and community. We pay our respects to Australia's First Peoples, and to their Elders, past and present.

L&T Finance

ltfs.com

L&T Finance is one of the leading NBFCs offering a range of loans across Rural | Housing | Two-Wheeler | Personal & Business (SME) The company is promoted by Larsen and Toubro Ltd. (L&T), one of the largest conglomerates in India. LTF is publicly listed on both the exchanges of India - BSE & NSE and complies to the guidelines applicable to an NBFC- CIC. Headquartered in Mumbai, the company has been rated AAA, the highest credit rating for NBFCs by four leading rating agencies.

J.P. Morgan

jpmorgan.com

J.P. Morgan is a leader in financial services, offering solutions to clients in more than 100 countries with one of the most comprehensive global product platforms available. We have been helping our clients to do business and manage their wealth for more than 200 years. Our business has been built upon our core principle of putting our clients' interests first. J.P. Morgan is part of JPMorgan Chase & Co. (NYSE: JPM), a global financial services firm. Social Media Terms and Conditions: https://bit.ly/JPMCSocialTerms © 2017 JPMorgan Chase & Co. JPMorgan Chase is an equal opportunity and affirmative action employer Disability/Veteran.

Credicorp

grupocredicorp.com

Somos el grupo financiero líder en el Perú con una vasta experiencia en el mercado peruano. Contamos con una sólida plataforma de Banca Comercial reforzada por una importante presencia en Banca de Inversión en Latinoamérica destinada a desarrollar el potencial de la región y acompañar a nuestros clientes en su crecimiento. Ofrecemos un modelo de servicios financieros completo y diversificado en países como Perú, Bolivia, Estados Unidos, Panamá, Chile y Colombia; y desarrollamos operaciones esencialmente a través de nuestras seis principales subsidiarias: Banco de Crédito del Perú, BCP Bolivia, Mibanco, Pacífico Compañía de Seguros y Reaseguros, Prima AFP, Atlantic Security Bank y Credicorp Capital. El negocio de Credicorp se concentra principalmente en cuatro líneas de negocio: Banca Universal, Microfinanzas, Seguros y Pensiones, y Asesoría y Gestión de Inversiones.

PT. Pegadaian

pegadaian.co.id

PT Pegadaian didirikan di kota Sukabumi, Jawa Barat pada 1 April 1901. Tak hanya bergerak di Industri Gadai, Pegadaian juga memiliki ragam produk dan layanan seperti investasi berbasis emas yang dapat dimiliki oleh masyarakat dengan cara yang mudah, diantaranya Tabungan Emas, Cicil Emas dan Arisan Emas. Sementara untuk produk pembiayaan, Pegadaian menyediakan produk pembiayaan Haji dan Umroh, Kredit Mikro, Kredit Kendaraan hingga KUR Syariah. Tergabung dalam Holding Ultra Mikro pada 2021, Pegadaian bersama BRI dan PNM berkomitmen dalam mendukung UMKM untuk naik kelas. Pegadaian juga merupakan lembaga pembiayaan sosial yang berkomitmen untuk memberdayakan masyarakat melalui layanan keuangan inklusif. Dengan berbagai inovasi layanan dan program sosial, Pegadaian terus berupaya menciptakan dampak positif bagi komunitas dan masyarakat secara luas. Pada Desember 2024, Pegadaian resmi menjadi pelopor usaha Bulion dengan mengantongi izin yang dikeluarkan oleh Otoritas Jasa Keuangan (OJK), melalui surat Persetujuan Penyelenggaraan Kegiatan Usaha Bulion PT Pegadaian. Melalui surat tersebut, Pegadaian dapat melakukan kegiatan usaha Layanan Bank Emas Pegadaian yang meliputi Deposito Emas, Pinjaman Modal Kerja Emas, Jasa Titipan Emas Korporasi maupun Perdagangan Emas. Produk dan layanan Pegadaian dapat diakses baik secara konvensional maupun digital melalui aplikasi Pegadaian Digital yang dapat di unduh melalui AppStore maupun PlayStore. Untuk informasi lebih lanjut kunjungi www.pegadaian.co.id

Empower

empower.com

At Empower, we’ve always been guided by strong values with a focus on helping people achieve the financial freedom they deserve. It’s been an incredible journey so far, but our story is just getting started. From the very beginning, we’ve prided ourselves on putting our customers first in everything we do — which will never change. The genesis of Empower dates back to 1891, when our parent company was founded as an insurance firm on the Canadian prairie. After more than a century of expansion and a profound evolution of service offerings, the modern iteration of Empower was launched in 2014. Our past is a big part of who we are as a business, but we continue to invest heavily in our current principles and future endeavors. Today, as the second-largest recordkeeper¹ in the U.S. and a comprehensive wealth management leader, we proudly serve more than 19 million individuals and over 88,000 different organizations.² With a constant commitment to growth, innovation and technology, we are fully dedicated to transforming the lives of all Americans. Our personalized tools and solutions are aimed at helping everyone improve their financial confidence so they can pursue their passions and reach their unique goals. That’s our promise. ------------------------ Disclosures: https://www.empower.com/social-media/ ¹Pension & Investments DC Recordkeeper Survey (2024). Ranking measured by total number of participants as of December 2023. ²As of March 31, 2025.

Loading…

NEWS

Allianz CyberSecurity News

Latest updates, reports, and threat intel affecting the global network.

March 23, 2026 02:18 PM

How Allianz Cyber Educator Daria Catalui Puts People First to Build a Human Firewall

For Daria Catalui, top cyber educator at Allianz and an advisor at European Union Agency for Cybersecurity (ENISA), effective cybersecurity starts not with...

Read Article

March 13, 2026 07:00 AM

From threat to prevention: How is AI shaping the future of cybersecurity?

Vinay Surana, Allianz Partners the impact artificial intelligence is having on both emboldening cyber criminals and empowering cyber...

Read Article

February 25, 2026 08:00 AM

Allianz Life Under Investigation for Data Breach of Over 1.4 Million Customer Records

Schubert Jonckheer & Kolbe LLP is investigating a data breach impacting the sensitive personal information of 1,497,036 customers of Allianz...

Read Article

February 12, 2026 08:00 AM

Allianz Risk Barometer 2024 On The Rise Of Ransomware

This week in cybersecurity from the editors at Cybercrime Magazine.

Read Article

January 19, 2026 08:00 AM

Cyber risk keeps winning, even as AI takes over

Cyber risk continues to dominate global business concerns, with AI rising quickly alongside it. According to a new risk survey from Allianz,...

Read Article

January 16, 2026 08:00 AM

Allianz Risk Barometer: AI Surges as Cyber Tops Business Risks Again

Cyber threats are once again at the top of the global corporate worry list, according to the Allianz Risk Barometer 2026.

Read Article

January 15, 2026 08:00 AM

Allianz Ranks Cyber And AI Top Risks

Allianz's 2026 Risk Barometer lists cyber incidents as the top global risk, with 42% of respondents, and artificial intelligence rising to...

Read Article

January 14, 2026 08:00 AM

AI surges among top business risk concerns, while cybersecurity holds firm

A report from Allianz Commercial shows the rapid embrace of AI is posing new challenges for enterprise leaders.

Read Article

January 14, 2026 08:00 AM

Allianz Risk Barometer 2026: Cybersecurity remains the main risk for companies

Cyber incidents generated numerous challenges in 2025 and remain the biggest concern for companies globally in 2026, according to the...

Read Article

Loading…

CVE

Latest

Global CVEs (Not Company-Specific)

CVE-2026-12175

SUMMARY

A vulnerability was detected in CodeAstro Student Attendance Management System 1.0. Impacted is an unknown function of the file /attendance-php/Admin/createStudents.php. Performing a manipulation of the argument admissionNumber results in sql injection. Remote exploitation of the attack is possible. The exploit is now public and may be used.

Published

Date2026-06-13

Updated

Date2026-06-13

RISK INFORMATION (Score: 4.7)

cvss2

Base Score: 5.8

Complexity: LOW

AV:N/AC:L/Au:M/C:P/I:P/A:P

cvss3

Base Score: 4.7

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L

cvss4

Base Score: 2.0

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

3.4

Exploitability

1.2

REFERENCES

CVE-2026-12174

SUMMARY

A security vulnerability has been detected in D-Link DCS-935L 1.10.01. This issue affects the function snprintf of the file /web/cgi-bin/greece/rhea of the component HTTP Handler. Such manipulation of the argument data leads to format string. The attack may be launched remotely. The exploit has been disclosed publicly and may be used.

Published

Date2026-06-13

Updated

Date2026-06-13

RISK INFORMATION (Score: 8.8)

cvss2

Base Score: 9.0

Complexity: LOW

AV:N/AC:L/Au:S/C:C/I:C/A:C

cvss3

Base Score: 8.8

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

cvss4

Base Score: 7.4

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

5.9

Exploitability

2.8

REFERENCES

CVE-2026-12183

SUMMARY

Nefteprodukttekhnika BUK TS-G Gas Station Automation System 2.9.1 through 2.10.2 on Linux contains an Improper Authentication vulnerability (CWE-287) in the system configuration module. The /php/ajax-login.php endpoint returns userid=1 (administrator) in response to any HTTP POST request that supplies arbitrary credentials (e.g., action=dologin&login=<any_value>&pwd=<any_value>), and subsequent privileged endpoints under /php/ajax-main.php and /modules/* do not validate a server-side session. A remote unauthenticated attacker can invoke any administrative action exposed by the configuration module, including reading and modifying user rules, fuel tank gauges, fuel dispensers, relays, cash registers, bank terminals, fuel cards, price and customer displays, cash collection, and pricing rules.

Published

Date2026-06-13

Updated

Date2026-06-13

RISK INFORMATION (Score: 9.8)

cvss3

Base Score: 9.8

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

cvss4

Base Score: 9.3

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

5.9

Exploitability

3.9

REFERENCES

CVE-2026-6428

SUMMARY

SQL Injection in reports/catalogue_out.pl in Koha Community Koha through 22.11.37, 23.x, 24.x before 24.11.16, 25.05.x before 25.05.11, 25.11.x before 25.11.05, 26.05.x before 26.05.01, and 26.11.x before 26.11.00 allows an authenticated staff user with the Reports module flag to read arbitrary data from the Koha application database via the Filter URL parameter when the Criteria parameter matches /branchcode/. The vulnerable sink in sub calculate concatenates the unmodified Filter request parameter directly into a LIKE clause of the auxiliary $strsth2 statement and executes it via DBI without bound parameters: my $f = @$filters[0]; $f =~ s/\*/%/g; $strsth2 .= " AND $column LIKE '$f' "; This enables error-based SQL injection (e.g., via EXTRACTVALUE) and full read access to sensitive tables including borrowers (password hashes, 2FA secrets, PII), borrower_password_recovery, api_keys, and sessions. Proof of concept (error-based, single request): GET /cgi-bin/koha/reports/catalogue_out.pl?do_it=1&output=screen&Limit=10&Criteria=branchcode&Filter=x'+AND+EXTRACTVALUE(1,CONCAT(0x7e,VERSION(),0x7c,USER(),0x7c,DATABASE(),0x7e))--+- Cookie: CGISESSID=<LIBRARIAN_SESSION> The response body contains the DBI exception leaking the MariaDB version, database user, client IP, and database name, after which arbitrary data can be paged out using LIMIT n,1 / SUBSTRING(...). The vulnerable sink was introduced in commit 6bb77ae3e4 (2008-07-09); CVE-2015-4633 patched the same class in sibling files but did not generalise the fix to reports/catalogue_out.pl. Fixed in Koha 22.11.38, 24.11.16, 25.05.11, 25.11.05, 26.05.01, and 26.11.00 by replacing the raw concatenation with a parameterised placeholder.

Published

Date2026-06-13

Updated

Date2026-06-13

RISK INFORMATION (Score: 7.6)

cvss2

Base Score: 7.5

Complexity: LOW

AV:N/AC:L/Au:S/C:C/I:N/A:P

cvss3

Base Score: 7.6

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L

cvss4

Base Score: 5.6

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:X/V:C/RE:X/U:Amber

Impact Score

4.7

Exploitability

2.8

REFERENCES

CVE-2026-5513

SUMMARY

The Online Scheduling and Appointment Booking System – Bookly plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'bookly-customer-full-name' cookie in versions up to, and including, 27.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Exploitation requires 'Remember personal information in cookies' setting to be enabled (disabled by default).

Published

Date2026-06-13

Updated

Date2026-06-13

RISK INFORMATION (Score: 7.2)

cvss3

Base Score: 7.2

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N

Impact Score

2.7

Exploitability

3.9

REFERENCES

Loading…

API

Access Data Using Our API

Get company history

curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?
linkedin_id=axa' -H 'apikey: YOUR_API_KEY_HERE'

Try It API Documentation Rapid

MEASURE

What Do We Measure ?

Incident

Finding

Grade

Digital Assets

Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.

These are some of the factors we use to calculate the overall score:

Network SecurityIdentify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.

SBOM (Software Bill of Materials)Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.

CMDB (Configuration Management Database)Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.

Threat IntelligenceLeverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.

Rankiteo

By Rankiteo

★ ★ ★ ★ ★

View on G2.com

Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.

View latest plans →View all security reports →

MILESTONEG

Users
Love Us

Loading…