What is the official website of Arby's ?

The official website of Arby's is http://www.arbys.com.

What is Arby's's cybersecurity risk score?

Arby's has an AI-generated cybersecurity risk score of 780 out of 1000, indicating a Fair security posture according to Rankiteo's assessment.

How many security incidents has Arby's experienced?

According to Rankiteo, Arby's currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.

Has Arby's been affected by any supply chain cyber incidents ?

According to Rankiteo, Arby's has not been affected by any supply chain cyber incidents, and no incident IDs are currently listed for the organization.

Does Arby's have SOC 2 Type 1 certification ?

According to Rankiteo, Arby's is not certified under SOC 2 Type 1.

Does Arby's have SOC 2 Type 2 certification ?

According to Rankiteo, Arby's does not hold a SOC 2 Type 2 certification.

Does Arby's comply with GDPR ?

According to Rankiteo, Arby's is not listed as GDPR compliant.

Does Arby's have PCI DSS certification ?

According to Rankiteo, Arby's does not currently maintain PCI DSS compliance.

Does Arby's comply with HIPAA ?

According to Rankiteo, Arby's is not compliant with HIPAA regulations.

Does Arby's have ISO 27001 certification ?

According to Rankiteo,Arby's is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.

Which industry does Arby's operate in ?

Arby's operates primarily in the Restaurants industry.

How many employees does Arby's have ?

Arby's employs approximately 28,378 people worldwide.

Does Arby's own any subsidiaries ?

Arby's presently has no subsidiaries across any sectors.

How many LinkedIn followers does Arby's have ?

Arby's's official LinkedIn profile has approximately 66,552 followers.

What is the NAICS classification code for Arby's ?

Arby's is classified under the NAICS code 7225, which corresponds to Restaurants and Other Eating Places.

Does Arby's have a Crunchbase profile ?

Yes, Arby's has an official profile on Crunchbase, which can be accessed here: https://www.crunchbase.com/organization/arby-s-restaurant.

Does Arby's have a LinkedIn profile ?

Yes, Arby's maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/arby's.

How many cybersecurity incidents has Arby's experienced ?

As of June 14, 2026, Rankiteo reports that Arby's has experienced 3 cybersecurity incidents.

How many peer or competitor companies does Arby's have ?

Arby's has an estimated 4,971 peer or competitor companies worldwide.

What types of cybersecurity incidents has Arby's faced ?

Incident Types: The types of cybersecurity incidents that have occurred include Breach and Cyber Attack.

NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop

WindowsmacOSLinux

Download

Badge your company to reduce your risk score and your cyber insurance costs!

Link verified badges to your company page to build trust with insurers and customers.

Apply now and get your badge!

Internal validation & live display

Insurers and partners see a safer profile

Faster underwriting decisions

Trusted by insurers. Chosen by leaders.

Proud contributor to the Society of Actuaries.

Arby's

Boost Score +25 with badge (5 left)

780

/1000

Fair

805

/1000

Good

Arby's Vendor Cyber Rating & Cyber Score

arbys.com

cb in

Add Your Compliance Badge

Arby’s, founded in 1964, is the second-largest sandwich restaurant brand in the world with more than 3,400 restaurants in seven countries. Arby’s is part of the Inspire Brands family of restaurants. For more information, visit Arbys.com and InspireBrands.com With the current growth and momentum of the brand, Arby’s is actively seeking new franchisees. To learn more about available markets and requirements, visit ArbysFranchising.com

Arby's A.I CyberSecurity Scoring

Scoring History

Arby's

Arby's CyberSecurity News & History

Past Incidents

Attack Types

Entity

Type

Severity

Impact

Seen

Blog Details

Supply Chain Source

Incident Details

View

Arby's

Cyber Attack

10/2017

SON903072625

Arby's

Breach

02/2017

ARB525191123

Arby's

Cyber Attack

6/2014

JIM204072525

Loading…

A.I.

Arby's Company Scoring based on AI Models

Cyber Incidents Likelihood 3 - 6 - 9 months

Actual

Prediction

Incident Predictions locked

Access Monitoring Plan

A.I Risk Score Likelihood 3 - 6 - 9 months

Actual

Prediction A

Prediction B

Prediction C

Prediction D

A.I. Risk Score Predictions locked

Access Monitoring Plan

Loading…

Underwriter Stats for Arby's

Incidents vs Restaurants Industry Avg (This Year)

No incidents recorded for Arby's in 2026.

Incidents vs All-Companies Average (This Year)

No incidents recorded for Arby's in 2026.

Incident Types Arby's vs Restaurants Industry Avg (This Year)

No incidents recorded for Arby's in 2026.

Incident History - Arby's (X = Date, Y = Severity)

Loading…

SUBSIDIARY

Arby's Subsidiaries

Arby's

Restaurants

Website: http://www.arbys.com

Company Size: 10,001+ employees

InspireRestaurants

Buffalo Wild WingsRestaurants

SONIC Drive-InRestaurants

Baskin RobbinsRestaurants

Jimmy John'sRestaurants

Inspire Brands FranchisingRestaurants

Loading…

Arby's Similar Companies

Subway

cb subway.com

Subway is one of the world's largest quick service restaurant brands, serving freshly made-to-order sandwiches, wraps, salads and bowls to millions of guests, across over 100 countries in more than 37,000 restaurants every day. Subway restaurants are owned and operated by Subway franchisees – a network that includes more than 20,000 dedicated entrepreneurs and small business owners – who are committed to delivering the best guest experience possible in their local communities. Ready to join the Subway team? There are plenty of incredible opportunities to be part of Subway, from our corporate headquarters and worldwide regional offices to our remote development teams. Our thousands of franchised restaurants across the globe offer opportunities for talented, motivated people to join their teams. Browse opportunities at our dual-headquarters offices in Shelton, CT, and Miami, FL, offices as well as regional offices at https://www.subway.com/en-US/Careers. For opportunities at Subway Restaurants around the world, please visit www.mysubwaycareer.com.

Jersey Mike's Subs

jerseymikes.com

Jersey Mike’s, a fast-casual sub sandwich franchise with more than 3,100 locations open nationwide, believes that making a sub sandwich and making a difference can be one and the same. Jersey Mike’s offers A Sub Above®, serving authentic fresh sliced subs and authentic Philly cheesesteaks grilled to order on freshly baked bread – the same recipe it started with in 1956 – and is passionate about giving back to its local communities. Jersey Mike’s is consistently ranked amongst the top 10 franchises in America in Entrepreneur Magazine's annual Franchise 500. Nation's Restaurant News named Jersey Mike's as its "Fastest Growing Franchise" in the Top 100 three years in a row (2014, 2015, & 2016) and has been the fastest growing sub sandwich franchise every year for the last decade. Franchise Times consistently ranks Jersey Mike's in their annual "Fast & Serious" list, topping the list in 2017, which ranks the the "Smartest Growing Franchises" in the country. The growth is fueled by passionate Jersey Mike’s fans who crave their subs made Mike’s Way® with the freshest vegetables and The Juice: red wine vinegar and olive oil blended to perfection. It's an exquisite zing -- a splash of extra and unexpected. The company uses only premium meats and cheeses sliced on the spot and piled on delectable bread baked fresh in the restaurant throughout the day. The company wins best sub awards in virtually every market it enters. Founder & CEO Peter Cancro started the company at age 17, before he was even legally able to slice a sub. The company remains committed to making a difference in the communities it serves. With a history steeped in philanthropic endeavors, Jersey Mike’s locations across the country have raised hundreds of millions for local charities since the beginning. Several community service initiatives mark the calendar for Jersey Mike’s, including the Annual Day of Giving which owners give 100% of all sales to a charity on 1 special day in March.

Culver's Restaurants

cb culvers.com

With strong, Midwestern family values and genuine hometown hospitality, Culver’s® has proudly served its signature ButterBurgers® and Fresh Frozen Custard since we opened our first restaurant in 1984. There are now over 1,000 Culver’s restaurants in 26 states, with more than 50,000 team members offering deliciously handcrafted meals and desserts. We believe that the smart, dedicated and hard-working people of Culver’s are what drives us to succeed in the restaurant industry. If you are interested in working at a Culver’s restaurant, 98% of which are independently owned and operated franchises, you may apply at www.culvers.com/careers. Also, are you interested in a franchise opportunity? We are looking for franchisees with strong leadership skills to operate Culver’s restaurants with the same high standards we’ve held since day one. If you are interested in becoming a Culver’s franchisee, please visit http://www.culvers.com/franchise. To learn more about Culver’s, visit www.culvers.com, https://www.facebook.com/culvers, https://twitter.com/culvers or https://instagram.com/culvers.

Whataburger

whataburger.com

On Aug. 8, 1950, an adventurous and determined entrepreneur named Harmon Dobson opened up the world’s first Whataburger on Ayers Street in Corpus Christi, Texas. He had a simple goal: to serve a burger so big it took two hands to hold and so good that after one bite customers would say, “What a burger!” He succeeded on both counts and turned that one little burger stand into a legend loved throughout Texas and the South. Today, each and every Whataburger is made to order, right when it’s ordered. And they’re still made with 100 percent pure, never-frozen beef and served on a big toasted five-inch bun with all “the extras” to suit your taste. Grilled jalapeños, extra bacon, three slices of cheese, no tomatoes, extra pickles? No problem. Your Whataburger will be made just like you like it, 24 hours a day, seven days a week. Whataburger’s following has grown exponentially in its more than 75-year history, thanks to a number of features, including its famous burgers and growing list of menu items, its iconic orange-and-white-striped restaurants and its famous Fancy Ketchup. Whataburger is more than a burger chain. It’s a place that feels like home to more than 51,000 employees, called Family Members, and millions of customers. It’s a brand built on pride, care and love. It’s a place people count on in their communities. It’s a place where goodness lives. So now with more than 1,100 Whataburger restaurants across 16 states stretching from Las Vegas to the Carolinas, road-trippers and hometown folks alike continue gathering under the big orange-and-white roofs for fresh, made-to-order burgers and friendly service.

KFC

kfc.com

We’re KFC. The iconic, brand making world-famous finger lickin’ good fried chicken since 1952. Our unrivaled people and culture are the true heart and soul of our brand. It’s where our people promise comes to life every day. Where our employees can be their best selves, make a difference, and have fun — serving chicken and delighting customers at more than 28,000 restaurants in 150 countries and territories around the world. There’s room for all people and voices at our table. Pull up a chair. At the center of our restaurant system is the KFC Global division, which serves as our global Restaurant Support Center (RSC) headquartered in Dallas, TX. Here, we support our regional in-market teams, franchise business partners, and nearly one million team members who serve up our delicious fried chicken around the world. We’re redefining what the future of work looks like. Our 15 business units partner to develop strategies, tools, and best practices for success. KFC Global offers a hybrid work environment — trusting our people to work their best way, whether in the office or at home. No matter your role or function, everyone works with teams from across the globe to drive our shared vision — sharing the joy of our best-tasting fried chicken with the world. No matter how or when you connect with us, KFC will be making the best chicken, hands down, for generations to come. In addition to our growing global footprint, as a subsidiary of Yum! Brands (NYSE: YUM), we also get to collaborate on exciting projects with our sister brands, Taco Bell, Pizza Hut, and The Habit Burger Grill. All you have to do is bring it. Bring your individuality to the table. Bring your passion and grit. We’re all about our people. The Originals. Their ideas, stories, and unique contributions make us who we are. And we want you to be part of it.

ZAMP

zamp.com.br

Somos um grande ecossistema de restaurantes que reúne marcas internacionais como Burger King®, Popeyes®, Starbucks® e Subway®. E, por trás de cada receita de sucesso, estão os Zampers: gente que faz acontecer, que joga junto e que deixa sua marca todos os dias. Aqui, a gente acredita que o verdadeiro sabor do sucesso é ter espaço pra criar, crescer, liderar e ser quem você é. Usamos tecnologia, inovação e muita parceria para entregar experiências que surpreendem nossos clientes e geram oportunidades para o nosso time. Temos apetite pelo futuro e ousadia para conquistar novos mercados, novos sabores e novas conexões. Porque grandes marcas só existem quando grandes pessoas constroem algo maior do que elas mesmas. Isso é a Zamp®: um ecossistema de restaurantes e pessoas em constante evolução.

Red Robin

redrobin.com

Since opening in 1969 in Seattle, Washington, Red Robin has welcomed Guests to our casual dining restaurants in the U.S. and Canada, connecting people around craveable food and fun in a relaxed, playful atmosphere. Our people are the foundation of our success. We aim to be an inclusive employer of choice by encouraging diversity, offering competitive pay and rewarding career paths. We strive to employ Team Members who are a reflection of our Guests and the communities we serve. Mission: Serve our Guests awesome American food and bottomless fun. Vision: Be the most loved restaurant brand in the communities we serve. We WIN TOGETHER when we live our values: BOTTOMLESS FUN: From our unique art, to our iconic mascot, to our endless fries – we like to have fun. Our playful attitude impacts all aspects of our business, ensuring both Team Members and Guests have a great time. UNBRIDLED GENEROSITY: By providing boundless kindness, abundance in service, and a “do-whatever-it-takes” attitude and hospitality, we ensure that our Team Members are equipped and excited to care for our guests. FAMILIARITY WITH A TWIST: Red Robin feels different, but still like home. Our decor, recipes, and Team Members blend the familiar with the unknown to create new and interesting experiences. INTEGRITY & HIGH-PERFORMANCE: Every action is driven by unwavering integrity, setting a new benchmark for high performance, ensuring excellence in all endeavors and fostering a culture of trust and excellence.

Wingstop Restaurants Inc.

cb wingstop.com

Sure, we’re The Wing Experts, but it’s our flavor that defines us. You taste it in our 12 signature sauces, you see it through our bold TV commercials, and you feel it when you walk through our doors. It’s what we like to call a flavor experience, and since the opening of our first restaurant in 1994 in Garland, Texas, it’s been our mission to Serve the World Flavor. Fast forward over 30 years and we’ve done just that. With more than 2800 locations globally, we’ve established ourselves as one of the fastest growing restaurant brands in the industry. Our fresh wings satisfy your hunger in a way nothing else can, and we’d like to think our workplace is just as unique as our made-from-scratch ranch dressing. We’ve got the opportunity you’ve been craving whether you’re looking for something at our restaurant support center in Dallas, or in the field supporting our team members in-restaurant. For people who demand flavor in everything from their food to their career, Wingstop is the answer. We’re a brand that can’t be duplicated, with a momentum that can’t be slowed – let us show you what Team Wing is all about! Visit www.wingstop.com/careers for more information and follow our page to stay updated with all things Wingstop.

Jack in the Box

jackinthebox.com

Jack in the Box has always been the place for those who live outside the box. Where you can try new things and order what you want when you want it. Now, let’s get to the facts! Did you know Jack in the Box was founded on February 21, 1951, by a businessman named Robert O. Peterson in San Diego, California? Yeah, you probably did. Did you know Jack in the Box pioneered a number of firsts in the quick-serve industry, including menu items that are now staples on most fast-food menu boards, like the breakfast sandwich and portable salads. Sure. Did you know Jack in the Box has over 2000 locations? Everyone knows that. Whatever the reason you came to Jack in the Box's LinkedIn page...welcome, we’re happy to have you here.

Loading…

NEWS

Arby's CyberSecurity News

Latest updates, reports, and threat intel affecting the global network.

December 23, 2025 08:00 AM

Arby's, Dunkin' Owner Dodges Web Cookie Suit, For Now

A California federal judge dismissed a proposed class action Monday against Arby's, Jimmy John's, Dunkin', Baskin-Robbins and their parent...

Read Article

May 10, 2024 04:48 PM

Arby’s franchise class action claims data breach exposed employees info

A former Arby's employee filed a class action lawsuit against the company over a data breach of the personal information of former and current employees.

Read Article

May 02, 2024 07:00 AM

Arby’s Midwest Chain Hit With Employee Data Breach Class Action

The owner of 121 Arby's restaurants in the Midwest faces a proposed class action alleging negligence and the invasion of privacy of...

Read Article

March 06, 2020 08:00 AM

Arby's Agrees To Pay Financial Cos. $3M In Data Breach Deal

A Georgia federal judge has preliminarily approved a nearly $3 million settlement between Arby's and a class of financial institutions that...

Read Article

May 08, 2019 07:00 AM

Arby's Serves Up $2M Data Breach Deal

A class of Arby's consumers that sued the fast-food chain after a three-month-long data breach asked a Georgia federal court to give final...

Read Article

October 03, 2018 07:00 AM

Burgerville Hit By Massive Cybersecurity Breach, Class-Action Lawsuit

UPDATE (Oct. 3, 5:27 p.m. PT) — Burgerville says it has discovered a "sophisticated" cybersecurity breach that may have affected customers...

Read Article

August 22, 2018 07:00 AM

If you shopped at these 16 stores in the last year, your data might have been stolen

Data breaches continue to be a threat to consumers. Many companies were hacked and likely had information stolen from them since January...

Read Article

August 01, 2018 07:00 AM

How Cyber Crime Group FIN7 Attacked and Stole Data from Hundreds of U.S. Companies

FIN7 members engaged in a highly sophisticated malware campaign targeting more than 100 US companies, predominantly in the restaurant, gaming, and hospitality...

Read Article

August 01, 2018 07:00 AM

Hackers Behind Attacks on US Retailers Arrested

Authorities identified alleged hackers as Dmytro Fedorov, Fedir Hladyr and Andrii Kolpakov of the cybercrime group FIN7.

Read Article

Loading…

CVE

Latest

Global CVEs (Not Company-Specific)

CVE-2026-12175

SUMMARY

A vulnerability was detected in CodeAstro Student Attendance Management System 1.0. Impacted is an unknown function of the file /attendance-php/Admin/createStudents.php. Performing a manipulation of the argument admissionNumber results in sql injection. Remote exploitation of the attack is possible. The exploit is now public and may be used.

Published

Date2026-06-13

Updated

Date2026-06-13

RISK INFORMATION (Score: 4.7)

cvss2

Base Score: 5.8

Complexity: LOW

AV:N/AC:L/Au:M/C:P/I:P/A:P

cvss3

Base Score: 4.7

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L

cvss4

Base Score: 2.0

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

3.4

Exploitability

1.2

REFERENCES

CVE-2026-12174

SUMMARY

A security vulnerability has been detected in D-Link DCS-935L 1.10.01. This issue affects the function snprintf of the file /web/cgi-bin/greece/rhea of the component HTTP Handler. Such manipulation of the argument data leads to format string. The attack may be launched remotely. The exploit has been disclosed publicly and may be used.

Published

Date2026-06-13

Updated

Date2026-06-13

RISK INFORMATION (Score: 8.8)

cvss2

Base Score: 9.0

Complexity: LOW

AV:N/AC:L/Au:S/C:C/I:C/A:C

cvss3

Base Score: 8.8

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

cvss4

Base Score: 7.4

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

5.9

Exploitability

2.8

REFERENCES

CVE-2026-12183

SUMMARY

Nefteprodukttekhnika BUK TS-G Gas Station Automation System 2.9.1 through 2.10.2 on Linux contains an Improper Authentication vulnerability (CWE-287) in the system configuration module. The /php/ajax-login.php endpoint returns userid=1 (administrator) in response to any HTTP POST request that supplies arbitrary credentials (e.g., action=dologin&login=<any_value>&pwd=<any_value>), and subsequent privileged endpoints under /php/ajax-main.php and /modules/* do not validate a server-side session. A remote unauthenticated attacker can invoke any administrative action exposed by the configuration module, including reading and modifying user rules, fuel tank gauges, fuel dispensers, relays, cash registers, bank terminals, fuel cards, price and customer displays, cash collection, and pricing rules.

Published

Date2026-06-13

Updated

Date2026-06-13

RISK INFORMATION (Score: 9.8)

cvss3

Base Score: 9.8

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

cvss4

Base Score: 9.3

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

5.9

Exploitability

3.9

REFERENCES

CVE-2026-6428

SUMMARY

SQL Injection in reports/catalogue_out.pl in Koha Community Koha through 22.11.37, 23.x, 24.x before 24.11.16, 25.05.x before 25.05.11, 25.11.x before 25.11.05, 26.05.x before 26.05.01, and 26.11.x before 26.11.00 allows an authenticated staff user with the Reports module flag to read arbitrary data from the Koha application database via the Filter URL parameter when the Criteria parameter matches /branchcode/. The vulnerable sink in sub calculate concatenates the unmodified Filter request parameter directly into a LIKE clause of the auxiliary $strsth2 statement and executes it via DBI without bound parameters: my $f = @$filters[0]; $f =~ s/\*/%/g; $strsth2 .= " AND $column LIKE '$f' "; This enables error-based SQL injection (e.g., via EXTRACTVALUE) and full read access to sensitive tables including borrowers (password hashes, 2FA secrets, PII), borrower_password_recovery, api_keys, and sessions. Proof of concept (error-based, single request): GET /cgi-bin/koha/reports/catalogue_out.pl?do_it=1&output=screen&Limit=10&Criteria=branchcode&Filter=x'+AND+EXTRACTVALUE(1,CONCAT(0x7e,VERSION(),0x7c,USER(),0x7c,DATABASE(),0x7e))--+- Cookie: CGISESSID=<LIBRARIAN_SESSION> The response body contains the DBI exception leaking the MariaDB version, database user, client IP, and database name, after which arbitrary data can be paged out using LIMIT n,1 / SUBSTRING(...). The vulnerable sink was introduced in commit 6bb77ae3e4 (2008-07-09); CVE-2015-4633 patched the same class in sibling files but did not generalise the fix to reports/catalogue_out.pl. Fixed in Koha 22.11.38, 24.11.16, 25.05.11, 25.11.05, 26.05.01, and 26.11.00 by replacing the raw concatenation with a parameterised placeholder.

Published

Date2026-06-13

Updated

Date2026-06-13

RISK INFORMATION (Score: 7.6)

cvss2

Base Score: 7.5

Complexity: LOW

AV:N/AC:L/Au:S/C:C/I:N/A:P

cvss3

Base Score: 7.6

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L

cvss4

Base Score: 5.6

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:X/V:C/RE:X/U:Amber

Impact Score

4.7

Exploitability

2.8

REFERENCES

CVE-2026-5513

SUMMARY

The Online Scheduling and Appointment Booking System – Bookly plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'bookly-customer-full-name' cookie in versions up to, and including, 27.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Exploitation requires 'Remember personal information in cookies' setting to be enabled (disabled by default).

Published

Date2026-06-13

Updated

Date2026-06-13

RISK INFORMATION (Score: 7.2)

cvss3

Base Score: 7.2

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N

Impact Score

2.7

Exploitability

3.9

REFERENCES

Loading…

API

Access Data Using Our API

Get company history

curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?
linkedin_id=axa' -H 'apikey: YOUR_API_KEY_HERE'

Try It API Documentation Rapid

MEASURE

What Do We Measure ?

Incident

Finding

Grade

Digital Assets

Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.

These are some of the factors we use to calculate the overall score:

Network SecurityIdentify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.

SBOM (Software Bill of Materials)Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.

CMDB (Configuration Management Database)Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.

Threat IntelligenceLeverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.

Rankiteo

By Rankiteo

★ ★ ★ ★ ★

View on G2.com

Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.

View latest plans →View all security reports →

MILESTONEG

Users
Love Us

Loading…