ISO 27001 Certificate
SOC 1 Type I Certificate
SOC 2 Type II Certificate
PCI DSS
HIPAA
RGPD
Internal validation & live display
Multiple badges & continuous verification
Faster underwriting decisions

Eurostar Company CyberSecurity Posture

eurostar.com
ISOSOC2 Type 1SOC2 Type 2PCI DSSHIPAAGDPR

At Eurostar, we're not just in the business of transportation, we're in the business of making your journeys across Europe unforgettable. Together, we want to create moments that stay with you throughout your travels and long after you've arrived, from the quick coffee run on the way to the station, to the moment you’ve arrived at your destination to sit down at a local favourite. With our dynamic and ambitious spirit, Eurostar is proud to have a connected and cosmopolitan team who feel at home in five countries. And the Eurostar journey doesn’t stop there, we’re always on the lookout for new ways to improve what we do. On the platform, in our depot, in our offices, and on board, we share the same goal – to create a memorable experience and elevate your trips. Together, we go further.

Eurostar A.I CyberSecurity Scoring

Eurostar

Company Details

Linkedin ID:

eurostar

Website:

http://www.eurostar.com

Employees number:

2,260

Number of followers:

111,048

NAICS:

5615

Industry Type:

Travel Arrangements

Homepage:

eurostar.com

IP Addresses:

0

Company ID:

EUR_1931649

Scan Status:

In-progress

AI scoreEurostar Risk Score (AI oriented)

Between 750 and 799

https://images.rankiteo.com/companyimages/eurostar.jpeg
Eurostar Travel Arrangements
Updated:
  • Powered by our proprietary A.I cyber incident model
  • Insurance preferes TPRM score to calculate premium
globalscoreEurostar Global Score (TPRM)

XXXX

https://images.rankiteo.com/companyimages/eurostar.jpeg
Eurostar Travel Arrangements
  • Instant access to detailed risk factors
  • Benchmark vs. industry & size peers
  • Vulnerabilities
  • Findings

Eurostar Company CyberSecurity News & History

Past Incidents
2
Attack Types
2
EntityTypeSeverityImpactSeenBlog DetailsIncident DetailsView
EurostarBreach50210/2018
EUR25271222
Rankiteo Explanation :
Attack limited on finance or reputation

Description: Eurostar asked all of its customers to reset their passwords after detecting an “unauthorised attempt” to hack into its systems and access their accounts. The company identified an attempt to access eurostar.com accounts using users’ email and passwords between the 15 and 19 of October, after which it asked its customers to reset the passwords.

Eurostar: Eurostar chatbot security flaws almost left customers exposed to possible security threatsVulnerability25112/2025
EUR1766404527
Rankiteo Explanation :
Attack without any consequences

Description: **Eurostar’s AI Chatbot Vulnerabilities Exposed by Security Researchers** Security researchers at **Pen Test Partners** uncovered critical flaws in **Eurostar’s AI-powered customer support chatbot**, which could have enabled malicious exploitation. The vulnerabilities included **weak message validation**, allowing attackers to manipulate older prompts to execute unauthorized actions—such as extracting system details or potentially exfiltrating data. Additional weaknesses involved **unverified conversation IDs** and an **HTML injection flaw**, which permitted JavaScript execution within the chat interface. Despite the risks, **Eurostar confirmed that no customer data was compromised**, as the chatbot lacked access to sensitive databases or login-protected information. The company stated that all vulnerabilities have since been **mitigated**, emphasizing that the chatbot operated in isolation from critical systems. The discovery highlights broader concerns around **rapid AI adoption in enterprises**, where misconfigurations and non-human identities are expanding cloud attack surfaces. While Pen Test Partners did not exploit the flaws to access user data, they warned that similar design weaknesses could pose **greater risks as chatbot functionality evolves**. The incident underscores the need for **rigorous security testing** in AI-driven tools, particularly as businesses integrate them into customer-facing operations.

Eurostar
Breach
Severity: 50
Impact: 2
Seen: 10/2018
Blog:
EUR25271222
Rankiteo Explanation
Attack limited on finance or reputation

Description: Eurostar asked all of its customers to reset their passwords after detecting an “unauthorised attempt” to hack into its systems and access their accounts. The company identified an attempt to access eurostar.com accounts using users’ email and passwords between the 15 and 19 of October, after which it asked its customers to reset the passwords.

Eurostar: Eurostar chatbot security flaws almost left customers exposed to possible security threats
Vulnerability
Severity: 25
Impact: 1
Seen: 12/2025
Blog:
EUR1766404527
Rankiteo Explanation
Attack without any consequences

Description: **Eurostar’s AI Chatbot Vulnerabilities Exposed by Security Researchers** Security researchers at **Pen Test Partners** uncovered critical flaws in **Eurostar’s AI-powered customer support chatbot**, which could have enabled malicious exploitation. The vulnerabilities included **weak message validation**, allowing attackers to manipulate older prompts to execute unauthorized actions—such as extracting system details or potentially exfiltrating data. Additional weaknesses involved **unverified conversation IDs** and an **HTML injection flaw**, which permitted JavaScript execution within the chat interface. Despite the risks, **Eurostar confirmed that no customer data was compromised**, as the chatbot lacked access to sensitive databases or login-protected information. The company stated that all vulnerabilities have since been **mitigated**, emphasizing that the chatbot operated in isolation from critical systems. The discovery highlights broader concerns around **rapid AI adoption in enterprises**, where misconfigurations and non-human identities are expanding cloud attack surfaces. While Pen Test Partners did not exploit the flaws to access user data, they warned that similar design weaknesses could pose **greater risks as chatbot functionality evolves**. The incident underscores the need for **rigorous security testing** in AI-driven tools, particularly as businesses integrate them into customer-facing operations.

Ailogo

Eurostar Company Scoring based on AI Models

Cyber Incidents Likelihood 3 - 6 - 9 months

🔒
Incident Predictions locked
Access Monitoring Plan

A.I Risk Score Likelihood 3 - 6 - 9 months

🔒
A.I. Risk Score Predictions locked
Access Monitoring Plan
statics

Underwriter Stats for Eurostar

Incidents vs Travel Arrangements Industry Average (This Year)

Eurostar has 0.0% fewer incidents than the average of same-industry companies with at least one recorded incident.

Incidents vs All-Companies Average (This Year)

Eurostar has 28.21% more incidents than the average of all companies with at least one recorded incident.

Incident Types Eurostar vs Travel Arrangements Industry Avg (This Year)

Eurostar reported 1 incidents this year: 0 cyber attacks, 0 ransomware, 1 vulnerabilities, 0 data breaches, compared to industry peers with at least 1 incident.

Incident History — Eurostar (X = Date, Y = Severity)

Eurostar cyber incidents detection timeline including parent company and subsidiaries

Eurostar Company Subsidiaries

SubsidiaryImage

At Eurostar, we're not just in the business of transportation, we're in the business of making your journeys across Europe unforgettable. Together, we want to create moments that stay with you throughout your travels and long after you've arrived, from the quick coffee run on the way to the station, to the moment you’ve arrived at your destination to sit down at a local favourite. With our dynamic and ambitious spirit, Eurostar is proud to have a connected and cosmopolitan team who feel at home in five countries. And the Eurostar journey doesn’t stop there, we’re always on the lookout for new ways to improve what we do. On the platform, in our depot, in our offices, and on board, we share the same goal – to create a memorable experience and elevate your trips. Together, we go further.

similarCompanies

Eurostar Similar Companies

Norwegian Cruise Line Holdings Ltd.
nclhltd.com

Norwegian Cruise Line Holdings Ltd. (NYSE: NCLH) is a leading global cruise company which operates Norwegian Cruise Line, Oceania Cruises and Regent Seven Seas Cruises. With a combined fleet of 32 ships and approximately 66,500 berths, NCLH offers itineraries to approximately 700 destinations worl

Security Report Compare
Hertz
hertz.com

Hertz is one of the world’s largest mobility companies, and through its indirect subsidiary, The Hertz Corporation, operates the Hertz, Dollar, and Thrifty vehicle rental brands throughout North America, Europe, the Caribbean, Latin America, Africa, the Middle East, Asia, Australia, and New Zealand.

Security Report Compare
DER Touristik vormals REWE Touristik GmbH
dertouristik.com

DER TOURISTIK GROUP AUF WACHSTUMSKURS Die DER Touristik Group gehört heute zu den führenden europäischen Reisekonzernen. Sie vereint unter ihrem Dach verschiedene Geschäftsfelder rund ums Thema Reisen und agiert seit 2018 strukturell als Holding mit vier Divisions. Durch den Zukauf der europäische

Security Report Compare
Princess Cruises
spr.ly

Princess is the world’s leading premium cruise line operating a fleet of modern ships visiting over 380 destinations around the globe on more than 160 itineraries. Each moment on Princess is one of wonderful discovery where guests can relax and explore. The choices are endless, from invigorating act

Security Report Compare
Enterprise Mobility
enterprisemobility.com

At Enterprise Mobility™ we are paving a new way forward by creating better experiences for how we move. We give people around the world the ability to connect in ways that suit their unique needs. It’s a bold idea that has defined our purpose-led, people-first organization for over 65 years, and it’

Security Report Compare

CWT is a global business travel and meetings specialist, with whom companies and governments partner to keep their people connected, in traditional business locations and some of the most remote and inaccessible parts of the globe. A private company – owned through funds managed by a group of leadin

Security Report Compare
Royal Caribbean Group
royalcaribbeangroup.com

At Royal Caribbean Group, we deliver unforgettable vacations to guests who trust us with life’s greatest moments. We build the best ships, and even better careers, all while doing the right thing. We are passionate. We are innovative. We are unstoppable. We open the world to our employees. Your jour

Security Report Compare
MSC Cruises
msccruises.com

Headquartered in Geneva, Switzerland, MSC Cruises is the world’s third largest cruise lines and the market leader in Europe, South America, the Middle East and Southern Africa, with a strong and growing presence in North America and the Far East. The MSC Cruises fleet consists of 22 modern ships wi

Security Report Compare
Costa Crociere S.p.A.
costacrociere.it

Costa belongs to the Carnival Corporation & plc Group, listed on the London and New York stock exchanges, the largest cruise company in the world. Costa, the only Italian cruise company flying the Italian flag, has been sailing the world’s seas for more than 75 years, offering its guests a differe

Security Report Compare
newsone

Eurostar CyberSecurity News

December 12, 2024 08:20 AM
Eurostar Database Allegedly Leaked by Hackers

According to a report circulating on social media, hackers have purportedly accessed and leaked Eurostar's customer database.

Read Article
July 24, 2023 07:00 AM
Eurostar adopts biometric check-in on UK-France trains, experts warn of risks

Railways are now adopting biometric check-ins, fuelling ongoing debates on potential cybersecurity risks.

Read Article
October 25, 2021 07:00 AM
iProov partners to bring face biometrics to Eurostar, fight against online fakes

Eurostar will begin a two-week trial of facial recognition-based immigration system whereby enrolled passengers will not need to scan a...

Read Article
February 03, 2021 08:00 AM
UK transport secretary: Eurostar is ‘not our company to rescue’

It's up to France to lead since 'we don't own the thing,' says Britain's Grant Shapps.

Read Article
December 17, 2020 08:00 AM
Eurostar warns travelers to expect customs checks from January 1

Eurostar on Thursday warned travelers they will face new customs checks from January 1 when going by train between London and the Continent.

Read Article
July 13, 2017 07:00 AM
Eurostar lets you experience being underwater by using virtual reality

Eurostar offers a new onboard virtual reality experience that brings the undersea world alive for travellers.

Read Article
January 19, 2012 08:00 AM
Eurostar to sole distribute LG Smart TV Upgrader

Eurostar Group, a conglomerate with core interests in digital satellite receiving systems, consumer electronics and other businesses in the...

Read Article
faq

Frequently Asked Questions

Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.

Eurostar CyberSecurity History Information

Official Website of Eurostar

The official website of Eurostar is http://www.eurostar.com.

Eurostar’s AI-Generated Cybersecurity Score

According to Rankiteo, Eurostar’s AI-generated cybersecurity score is 751, reflecting their Fair security posture.

How many security badges does Eurostar’ have ?

According to Rankiteo, Eurostar currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.

Does Eurostar have SOC 2 Type 1 certification ?

According to Rankiteo, Eurostar is not certified under SOC 2 Type 1.

Does Eurostar have SOC 2 Type 2 certification ?

According to Rankiteo, Eurostar does not hold a SOC 2 Type 2 certification.

Does Eurostar comply with GDPR ?

According to Rankiteo, Eurostar is not listed as GDPR compliant.

Does Eurostar have PCI DSS certification ?

According to Rankiteo, Eurostar does not currently maintain PCI DSS compliance.

Does Eurostar comply with HIPAA ?

According to Rankiteo, Eurostar is not compliant with HIPAA regulations.

Does Eurostar have ISO 27001 certification ?

According to Rankiteo,Eurostar is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.

Industry Classification of Eurostar

Eurostar operates primarily in the Travel Arrangements industry.

Number of Employees at Eurostar

Eurostar employs approximately 2,260 people worldwide.

Subsidiaries Owned by Eurostar

Eurostar presently has no subsidiaries across any sectors.

Eurostar’s LinkedIn Followers

Eurostar’s official LinkedIn profile has approximately 111,048 followers.

NAICS Classification of Eurostar

Eurostar is classified under the NAICS code 5615, which corresponds to Travel Arrangement and Reservation Services.

Eurostar’s Presence on Crunchbase

No, Eurostar does not have a profile on Crunchbase.

Eurostar’s Presence on LinkedIn

Yes, Eurostar maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/eurostar.

Cybersecurity Incidents Involving Eurostar

As of December 22, 2025, Rankiteo reports that Eurostar has experienced 2 cybersecurity incidents.

Number of Peer and Competitor Companies

Eurostar has an estimated 4,815 peer or competitor companies worldwide.

What types of cybersecurity incidents have occurred at Eurostar ?

Incident Types: The types of cybersecurity incidents that have occurred include Breach and Vulnerability.

How does Eurostar detect and respond to cybersecurity incidents ?

Detection and Response: The company detects and responds to cybersecurity incidents through an containment measures with password reset, and communication strategy with customer notification, and third party assistance with pen test partners (vulnerability discovery), and containment measures with vulnerabilities mitigated, and remediation measures with vulnerabilities fixed, chatbot functionality reviewed, and communication strategy with public statement confirming customer data was never at risk..

Incident Details

Can you provide details on each incident ?

Incident : Unauthorized Access Attempt

measurementExposure impactImpact

Title: Eurostar Password Reset Incident

Description: Eurostar asked all of its customers to reset their passwords after detecting an “unauthorised attempt” to hack into its systems and access their accounts.

Date Detected: 2023-10-15

Type: Unauthorized Access Attempt

Attack Vector: Credential Stuffing

Motivation: Data Theft

Incident : Vulnerability Exploitation

measurementExposure impactImpact

Title: Eurostar AI Chatbot Vulnerabilities Discovered

Description: Pen Test Partners discovered vulnerabilities in Eurostar’s AI-powered customer support chatbot, including weak validation and HTML injection flaws. The vulnerabilities could have allowed malicious prompts to reveal system information or exfiltrate data, though customer data was not directly at risk as the chatbot was not connected to customer databases.

Type: Vulnerability Exploitation

Attack Vector: AI Chatbot

Vulnerability Exploited: Weak message validationImproper conversation/message ID verificationHTML injection

What are the most common types of attacks the company has faced ?

Common Attack Types: The most common types of attacks the company has faced is Breach.

Impact of the Incidents

What was the impact of each incident ?

Incident : Unauthorized Access Attempt EUR25271222

Data Compromised: Customer email and passwords

Systems Affected: eurostar.com accounts

Incident : Vulnerability Exploitation EUR1766404527

Data Compromised: None (customer data not at risk)

Systems Affected: AI-powered customer support chatbot

Brand Reputation Impact: Potential reputational damage due to disclosed vulnerabilities

What types of data are most commonly compromised in incidents ?

Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Email, Passwords and .

Which entities were affected by each incident ?

Incident : Unauthorized Access Attempt EUR25271222

Entity Name: Eurostar

Entity Type: Corporation

Industry: Transportation

Incident : Vulnerability Exploitation EUR1766404527

Entity Name: Eurostar

Entity Type: Company

Industry: Transportation/Rail

Response to the Incidents

What measures were taken in response to each incident ?

Incident : Unauthorized Access Attempt EUR25271222

Containment Measures: Password Reset

Communication Strategy: Customer Notification

Incident : Vulnerability Exploitation EUR1766404527

Third Party Assistance: Pen Test Partners (vulnerability discovery)

Containment Measures: Vulnerabilities mitigated

Remediation Measures: Vulnerabilities fixed, chatbot functionality reviewed

Communication Strategy: Public statement confirming customer data was never at risk

How does the company involve third-party assistance in incident response ?

Third-Party Assistance: The company involves third-party assistance in incident response through Pen Test Partners (vulnerability discovery).

Data Breach Information

What type of data was compromised in each breach ?

Incident : Unauthorized Access Attempt EUR25271222

Type of Data Compromised: Email, Passwords

Incident : Vulnerability Exploitation EUR1766404527

Data Exfiltration: Potential (if chatbot functionality expanded)

What measures does the company take to prevent data exfiltration ?

Prevention of Data Exfiltration: The company takes the following measures to prevent data exfiltration: Vulnerabilities fixed, chatbot functionality reviewed.

How does the company handle incidents involving personally identifiable information (PII) ?

Handling of PII Incidents: The company handles incidents involving personally identifiable information (PII) through by password reset, and vulnerabilities mitigated.

Lessons Learned and Recommendations

What lessons were learned from each incident ?

Incident : Vulnerability Exploitation EUR1766404527

Lessons Learned: Rapid AI adoption can expand cloud attack surfaces and introduce vulnerabilities if not properly secured. Chatbot integrations must include robust validation and access controls to prevent exploitation.

What recommendations were made to prevent future incidents ?

Incident : Vulnerability Exploitation EUR1766404527

Recommendations: Implement strict validation for all chatbot messages and conversation IDs, Isolate AI systems from sensitive customer databases, Conduct regular security assessments of AI-powered tools, Monitor for HTML injection and other common web vulnerabilities, Expand chatbot functionality cautiously with security reviewsImplement strict validation for all chatbot messages and conversation IDs, Isolate AI systems from sensitive customer databases, Conduct regular security assessments of AI-powered tools, Monitor for HTML injection and other common web vulnerabilities, Expand chatbot functionality cautiously with security reviewsImplement strict validation for all chatbot messages and conversation IDs, Isolate AI systems from sensitive customer databases, Conduct regular security assessments of AI-powered tools, Monitor for HTML injection and other common web vulnerabilities, Expand chatbot functionality cautiously with security reviewsImplement strict validation for all chatbot messages and conversation IDs, Isolate AI systems from sensitive customer databases, Conduct regular security assessments of AI-powered tools, Monitor for HTML injection and other common web vulnerabilities, Expand chatbot functionality cautiously with security reviewsImplement strict validation for all chatbot messages and conversation IDs, Isolate AI systems from sensitive customer databases, Conduct regular security assessments of AI-powered tools, Monitor for HTML injection and other common web vulnerabilities, Expand chatbot functionality cautiously with security reviews

What are the key lessons learned from past incidents ?

Key Lessons Learned: The key lessons learned from past incidents are Rapid AI adoption can expand cloud attack surfaces and introduce vulnerabilities if not properly secured. Chatbot integrations must include robust validation and access controls to prevent exploitation.

References

Where can I find more information about each incident ?

Incident : Vulnerability Exploitation EUR1766404527

Source: TechRadar Pro

Incident : Vulnerability Exploitation EUR1766404527

Source: Pen Test Partners

Incident : Vulnerability Exploitation EUR1766404527

Source: City AM

Where can stakeholders find additional resources on cybersecurity best practices ?

Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at and Source: TechRadar Pro, and Source: Pen Test Partners, and Source: City AM.

Investigation Status

What is the current status of the investigation for each incident ?

Incident : Vulnerability Exploitation EUR1766404527

Investigation Status: Vulnerabilities mitigated

How does the company communicate the status of incident investigations to stakeholders ?

Communication of Investigation Status: The company communicates the status of incident investigations to stakeholders through Customer Notification and Public statement confirming customer data was never at risk.

Stakeholder and Customer Advisories

Were there any advisories issued to stakeholders or customers for each incident ?

Incident : Unauthorized Access Attempt EUR25271222

Customer Advisories: Password Reset Notification

Incident : Vulnerability Exploitation EUR1766404527

Customer Advisories: Eurostar stated that customer data was never at risk and vulnerabilities have been addressed.

What advisories does the company provide to stakeholders and customers following an incident ?

Advisories Provided: The company provides the following advisories to stakeholders and customers following an incident: were Password Reset Notification, and Eurostar stated that customer data was never at risk and vulnerabilities have been addressed..

Post-Incident Analysis

What were the root causes and corrective actions taken for each incident ?

Incident : Vulnerability Exploitation EUR1766404527

Root Causes: Weak Validation Of Chatbot Messages, Improper Verification Of Conversation/Message Ids, Html Injection Vulnerability,

Corrective Actions: Vulnerabilities Fixed, Chatbot Functionality Reviewed For Security,

What is the company's process for conducting post-incident analysis ?

Post-Incident Analysis Process: The company's process for conducting post-incident analysis is described as Pen Test Partners (vulnerability discovery).

What corrective actions has the company taken based on post-incident analysis ?

Corrective Actions Taken: The company has taken the following corrective actions based on post-incident analysis: Vulnerabilities Fixed, Chatbot Functionality Reviewed For Security, .

Additional Questions

Incident Details

What was the most recent incident detected ?

Most Recent Incident Detected: The most recent incident detected was on 2023-10-15.

Impact of the Incidents

What was the most significant data compromised in an incident ?

Most Significant Data Compromised: The most significant data compromised in an incident were Customer Email and Passwords, and None (customer data not at risk).

What was the most significant system affected in an incident ?

Most Significant System Affected: The most significant system affected in an incident was eurostar.com accounts and .

Response to the Incidents

What third-party assistance was involved in the most recent incident ?

Third-Party Assistance in Most Recent Incident: The third-party assistance involved in the most recent incident was Pen Test Partners (vulnerability discovery).

What containment measures were taken in the most recent incident ?

Containment Measures in Most Recent Incident: The containment measures taken in the most recent incident were Password Reset and Vulnerabilities mitigated.

Data Breach Information

What was the most sensitive data compromised in a breach ?

Most Sensitive Data Compromised: The most sensitive data compromised in a breach were Customer Email and Passwords and None (customer data not at risk).

Lessons Learned and Recommendations

What was the most significant lesson learned from past incidents ?

Most Significant Lesson Learned: The most significant lesson learned from past incidents was Rapid AI adoption can expand cloud attack surfaces and introduce vulnerabilities if not properly secured. Chatbot integrations must include robust validation and access controls to prevent exploitation.

What was the most significant recommendation implemented to improve cybersecurity ?

Most Significant Recommendation Implemented: The most significant recommendation implemented to improve cybersecurity was Expand chatbot functionality cautiously with security reviews, Conduct regular security assessments of AI-powered tools, Implement strict validation for all chatbot messages and conversation IDs, Monitor for HTML injection and other common web vulnerabilities and Isolate AI systems from sensitive customer databases.

References

What is the most recent source of information about an incident ?

Most Recent Source: The most recent source of information about an incident are Pen Test Partners, City AM and TechRadar Pro.

Investigation Status

What is the current status of the most recent investigation ?

Current Status of Most Recent Investigation: The current status of the most recent investigation is Vulnerabilities mitigated.

Stakeholder and Customer Advisories

What was the most recent customer advisory issued ?

Most Recent Customer Advisory: The most recent customer advisory issued were an Password Reset Notification and Eurostar stated that customer data was never at risk and vulnerabilities have been addressed.

cve

Latest Global CVEs (Not Company-Specific)

Description

A vulnerability has been found in SeaCMS up to 13.3. The affected element is an unknown function of the file js/player/dmplayer/dmku/class/mysqli.class.php. Such manipulation of the argument page/limit leads to sql injection. The attack can be executed remotely. The exploit has been disclosed to the public and may be used.

Published
Date
2025-12-21
Updated
Date
2025-12-21
Risk Information
cvss2
Base: 7.5
Severity: LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
cvss3
Base: 7.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
cvss4
Base: 6.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in HappyDevs TempTool allows Stored XSS.This issue affects TempTool: from n/a through 1.3.1.

Published
Date
2025-12-21
Updated
Date
2025-12-21
Risk Information
cvss3
Base: 6.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L
References
Description

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tormorten WP Microdata allows Stored XSS.This issue affects WP Microdata: from n/a through 1.0.

Published
Date
2025-12-21
Updated
Date
2025-12-21
Risk Information
cvss3
Base: 6.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L
References
Description

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in HappyDevs TempTool allows Retrieve Embedded Sensitive Data.This issue affects TempTool: from n/a through 1.3.1.

Published
Date
2025-12-21
Updated
Date
2025-12-21
Risk Information
cvss3
Base: 4.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
References
Description

A vulnerability has been found in Tenda FH1201 1.2.0.14(408). Affected is the function sprintf of the file /goform/SetIpBind. Such manipulation of the argument page leads to stack-based buffer overflow. The attack may be performed from remote. The exploit has been disclosed to the public and may be used.

Published
Date
2025-12-21
Updated
Date
2025-12-21
Risk Information
cvss2
Base: 9.0
Severity: LOW
AV:N/AC:L/Au:S/C:C/I:C/A:C
cvss3
Base: 8.8
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
cvss4
Base: 7.4
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References

Access Data Using Our API

SubsidiaryImage

Get company history

curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=eurostar' -H 'apikey: YOUR_API_KEY_HERE'
Try It API Documentation rapidRapid

What Do We Measure ?

revertimgrevertimgrevertimgrevertimg
Incident
revertimgrevertimgrevertimgrevertimg
Finding
revertimgrevertimgrevertimgrevertimg
Grade
revertimgrevertimgrevertimgrevertimg
Digital Assets

Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.

These are some of the factors we use to calculate the overall score:

Network Security

Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.

SBOM (Software Bill of Materials)

Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.

CMDB (Configuration Management Database)

Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.

Threat Intelligence

Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.

Top LeftTop RightBottom LeftBottom Right
Rankiteo
By Rankiteo
View on G2.com
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
View latest reports → View all security reports →
Users Love Us Badge