What is the official website of Fusion Project Management ?

The official website of Fusion Project Management is http://www.fusion-pm.co.uk.

What is Fusion Project Management's cybersecurity risk score?

Fusion Project Management has an AI-generated cybersecurity risk score of 750 out of 1000, indicating a Fair security posture according to Rankiteo's assessment.

How many security incidents has Fusion Project Management experienced?

According to Rankiteo, Fusion Project Management currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.

Has Fusion Project Management been affected by any supply chain cyber incidents ?

According to Rankiteo, Fusion Project Management has not been affected by any supply chain cyber incidents, and no incident IDs are currently listed for the organization.

Does Fusion Project Management have SOC 2 Type 1 certification ?

According to Rankiteo, Fusion Project Management is not certified under SOC 2 Type 1.

Does Fusion Project Management have SOC 2 Type 2 certification ?

According to Rankiteo, Fusion Project Management does not hold a SOC 2 Type 2 certification.

Does Fusion Project Management comply with GDPR ?

According to Rankiteo, Fusion Project Management is not listed as GDPR compliant.

Does Fusion Project Management have PCI DSS certification ?

According to Rankiteo, Fusion Project Management does not currently maintain PCI DSS compliance.

Does Fusion Project Management comply with HIPAA ?

According to Rankiteo, Fusion Project Management is not compliant with HIPAA regulations.

Does Fusion Project Management have ISO 27001 certification ?

According to Rankiteo,Fusion Project Management is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.

Which industry does Fusion Project Management operate in ?

Fusion Project Management operates primarily in the Business Consulting and Services industry.

How many employees does Fusion Project Management have ?

Fusion Project Management employs approximately 39 people worldwide.

Does Fusion Project Management own any subsidiaries ?

Fusion Project Management presently has no subsidiaries across any sectors.

How many LinkedIn followers does Fusion Project Management have ?

Fusion Project Management's official LinkedIn profile has approximately 1,707 followers.

What is the NAICS classification code for Fusion Project Management ?

Fusion Project Management is classified under the NAICS code 5416, which corresponds to Management, Scientific, and Technical Consulting Services.

Does Fusion Project Management have a Crunchbase profile ?

No, Fusion Project Management does not have a profile on Crunchbase.

Does Fusion Project Management have a LinkedIn profile ?

Yes, Fusion Project Management maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/fusion-project-management.

How many cybersecurity incidents has Fusion Project Management experienced ?

As of June 14, 2026, Rankiteo reports that Fusion Project Management has experienced 1 cybersecurity incidents.

How many peer or competitor companies does Fusion Project Management have ?

Fusion Project Management has an estimated 19,438 peer or competitor companies worldwide.

What types of cybersecurity incidents has Fusion Project Management faced ?

Incident Types: The types of cybersecurity incidents that have occurred include Cyber Attack.

NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop

WindowsmacOSLinux

Download

Badge your company to reduce your risk score and your cyber insurance costs!

Link verified badges to your company page to build trust with insurers and customers.

Apply now and get your badge!

Internal validation & live display

Insurers and partners see a safer profile

Faster underwriting decisions

Trusted by insurers. Chosen by leaders.

Proud contributor to the Society of Actuaries.

FPM

Boost Score +25 with badge (5 left)

750

/1000

Fair

775

/1000

Fair

Fusion Project Management Vendor Cyber Rating & Cyber Score

fusion-pm.co.uk

Add Your Compliance Badge

Fusion is a dynamic, expert consultancy company who provide business, property, education and construction advice and services throughout the United Kingdom. In 2024, Fusion joined the RSK group of companies. Our mission is to provide personal and tailor-made management support to our clients. The large majority of our work is gained via referral, recommendation and repeat business, which demonstrates our successful relationships with our clients. Follow us on Instagram - @fusion_3bm

FPM A.I CyberSecurity Scoring

Scoring History

FPM

Fusion Project Management CyberSecurity News & History

Past Incidents

Attack Types

Entity

Type

Severity

Impact

Seen

Blog Details

Supply Chain Source

Incident Details

View

Fusion Project Mana...

Cyber Attack

10/2025

JEN273212710242...

Loading…

A.I.

FPM Company Scoring based on AI Models

Cyber Incidents Likelihood 3 - 6 - 9 months

Actual

Prediction

Incident Predictions locked

Access Monitoring Plan

A.I Risk Score Likelihood 3 - 6 - 9 months

Actual

Prediction A

Prediction B

Prediction C

Prediction D

A.I. Risk Score Predictions locked

Access Monitoring Plan

Loading…

Underwriter Stats for FPM

Incidents vs Business Consulting and Services Industry Avg (This Year)

No incidents recorded for Fusion Project Management in 2026.

Incidents vs All-Companies Average (This Year)

No incidents recorded for Fusion Project Management in 2026.

Incident Types FPM vs Business Consulting and Services Industry Avg (This Year)

No incidents recorded for Fusion Project Management in 2026.

Incident History - FPM (X = Date, Y = Severity)

Loading…

SUBSIDIARY

Fusion Project Management Subsidiaries

FPM

Business Consulting and Services

Website: http://www.fusion-pm.co.uk

Company Size: 11-50 employees

136

RSK GroupEnvironmental Services

RSK EcologyEnvironmental Services

PD&MS GroupOil and Gas

PD&MS CareersEngineering Services

Nicholas O'Dwyer LtdEnvironmental Services

Civil Engineering InternationalCivil Engineering

RSK BiocensusEnvironmental Services

CS2 Chartered SurveyorsConstruction

Jennings O'Donovan & PartnersCivil Engineering

EcologiaEnvironmental Services

FR ConsultantsConstruction

Cambridge Environmental Assessments, part of RSK ADAS LtdChemical Manufacturing

RSK EnvironmentEnvironmental Services

RSK RenewablesRenewable Energy Semiconductor Manufacturing

Central AllianceConstruction

ADASEnvironmental Services

RSK Habitat ManagementEnvironmental Services

ADAS ArboricultureEnvironmental Services

FarmPEPFarming

SCPCivil Engineering

GeocoreCivil Engineering

COGNICAConstruction

CR Civil EngineeringCivil Engineering

RSK AustraliaEnvironmental Services

KeegansConstruction

RSK WildingEnvironmental Services

The Woodhouse Partnership Ltd (TWPL)Business Consulting and Services

Woodhouse AustralasiaBusiness Consulting and Services

Synergie Environ LtdEngineering Services

ADAS PlanningArchitecture and Planning

Non Destructive Testing Services LtdConstruction

EDP Consultants AustraliaEnvironmental Services

Leap EnvironmentalEnvironmental Services

AxisOil and Gas

ECD Architects LtdArchitecture and Planning

W Crowder & Sons LtdWholesale

Pharos Generator Services LimitedMechanical Or Industrial Engineering

3BM StudioConstruction

StudioAdvertising Services

RoC ConsultingConstruction

EDPBusiness Consulting and Services

FishtekEnvironmental Services

1stinrailCivil Engineering

Travis BakerCivil Engineering

Centara Ltd - Surveying, Engineering and CADUtilities

Virtus EnergyComputers and Electronics Manufacturing

Optisol Services LtdRenewable Energy Semiconductor Manufacturing

RSK AsbestosEnvironmental Services

MilestoneConstruction

Richard Allitt Associates LtdCivil Engineering

Remote Aerial SurveysPhotography

rsim Remote SimulationsCivil Engineering

Advantage RSKAlternative Dispute Resolution

RGM Environmental, Science and Technical support servicesEnvironmental Services

RSK DACH-RegionEnvironmental Services

ADEV ENVIRONNEMENTEnvironmental Services

RemedX LtdEnvironmental Services

RSK LDE (Land and Development Engineering)Civil Engineering

Streetwise UK Management LtdConstruction

TWIG GroupEnvironmental Services

B-Line and Easy2PlotPrinting Services

Technik GSConstruction

RSK IWS Integrated Waste Solutions LtdUtilities

Hawkins Electrical LtdAppliances, Electrical, and Electronics Manufacturing

Kirton Water Treatment ServicesUtilities

Enviroflow Management LimitedUtilities

Milner AssociatesConstruction

EDP Singapore PTEBusiness Consulting and Services

LARSEN WATER MANAGEMENT LTDUtilities

RSK Middle EastEnvironmental Services

WRc GroupResearch Services

Structural SoilsCivil Engineering

Optimus Plus (Aberdeen) LtdOil and Gas

Southern Ecological Solutions (SES)Environmental Services

PellingsConstruction

CANCivil Engineering

Nature PositiveEnvironmental Services

Kendall Kingscott LtdConstruction

RSK Ireland Ltd.Environmental Services

Apollo Strategic CommunicationsPublic Relations and Communications Services

Amphos 21Environmental Services

WGM Engineering LtdEngineering Services

Headland Archaeology (UK) LtdEnvironmental Services

RSK CreativeDesign Services

BinniesCivil Engineering

Binnies DCWWCivil Engineering

MWH TreatmentConstruction

RSK AfricaEnvironmental Services

CAN RenewablesServices for Renewable Energy

Copper ConsultancyPublic Relations and Communications Services

RSK GeosciencesEnvironmental Services

RSK Geophysics and SafegroundEnvironmental Services

RSK GeospatialSurveying and Mapping Services

Inis Environmental Consultants Ltd.Environmental Services

EnvireauEnvironmental Services

BMG ResearchMarket Research

WatertrainEducation

Ian Farmer Associates (1998) LimitedCivil Engineering

RSK International Projects GroupEnvironmental Services

eb7 ltdReal Estate

RSK AcousticsArchitecture and Planning

Spencer Quantum LtdConstruction

HydrofixServices for Renewable Energy

RSK ResponseEnvironmental Services

RSK APACEnvironmental Services

Richard Irvin FM LimitedFacilities Services

CX Utilities Ltd (An RSK Company)Utilities

Acies Civil and Structural LtdCivil Engineering

Stephenson HallidayEnvironmental Services

Salix River and WetlandEnvironmental Services

Silcock Leedham Group LimitedConstruction

C J Associates Geotechnical LtdConstruction

cbec eco-engineering UK & EuropeEnvironmental Services

ADAS LandscapeArchitecture and Planning

Up and UnderCivil Engineering

Smith + Kennedy ArchitectsArchitecture and Planning

RSK EnvironnementBusiness Consulting and Services

ATV Contract Services LtdEnvironmental Services

Brown & May Marine LtdFisheries

RSK Consents SolutionsUtilities

RSK RadiologicalEnvironmental Services

Dermot Casey Tree Care Ltd.Consumer Services

RSK Group EuropeEnvironmental Services

RSK Group Latin AmericaEnvironmental Services

Homer Burgess LtdIndustrial Machinery Manufacturing

Proeon Systems Ltd.Automation Machinery Manufacturing

MG Scaffolding LtdConstruction

RSK BENELUX BVEnvironmental Services

RSK NetherlandsEnvironmental Services

HI-LINEEnvironmental Services

Treefellers LtdEnvironmental Services

Minerex Environmental Ltd.Environmental Services

Calibrate Energy LtdRenewable Energy Semiconductor Manufacturing

ATP Architects & Building SurveyorsArchitecture and Planning

The MSS GroupEnvironmental Services

Aurora Health Physics Services LtdEnvironmental Services

Loading…

Fusion Project Management Similar Companies

Genpact

genpact.com

Genpact is an agentic and advanced technology solutions company. We leverage process intelligence and artificial intelligence to deliver measurable outcomes. With a strong partner ecosystem and decades of client trust, we provide innovative solutions that transform how businesses run. Powered by a team with an active learning mindset and client centricity at its core, we deliver lasting value for the world’s leading enterprises. Get to know us at www.genpact.com and on the following social handles: X: https://twitter.com/genpact Facebook: https://www.facebook.com/ProudToBeGenpact/ Instagram: https://www.instagram.com/genpact_global/ YouTube: https://www.youtube.com/@GenpactGlobal ** Beware of fake offers** Genpact never requires applicants to pay to be part of our hiring process. If you receive an email asking you to purchase a starter kit, equipment, or training, or to pay to apply for a role, you can assume that the message is a scam. For more information on careers at Genpact, please visit us at https://www.genpact.com/careers

Deloitte

deloitte.com

Deloitte drives progress. Our firms around the world help clients become leaders wherever they choose to compete. Deloitte invests in outstanding people of diverse talents and backgrounds and empowers them to achieve more than they could elsewhere. Our work combines advice with action and integrity. We believe that when our clients and society are stronger, so are we. Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited (“DTTL”), its global network of member firms, and their related entities. DTTL (also referred to as “Deloitte Global”) and each of its member firms are legally separate and independent entities. DTTL does not provide services to clients. Please see www.deloitte.com/about to learn more. The content on this page contains general information only, and none of Deloitte Touche Tohmatsu Limited, its member firms, or their related entities (collectively the “Deloitte Network”) is, by means of this publication, rendering professional advice or services. Before making any decision or taking any action that may affect your finances or your business, you should consult a qualified professional adviser. No entity in the Deloitte Network shall be responsible for any loss whatsoever sustained by any person who relies on content from this page.

ERM

erm.com

Sustainability is our business.  As the world’s largest specialist sustainability consultancy, ERM partners with clients to operationalize sustainability at pace and scale, deploying a unique combination of strategic transformation and technical delivery capabilities. This approach helps clients to accelerate the integration of sustainability at every level of their business.  With more than 50 years of experience, ERM’s diverse team of 8000+ experts in 40 countries and territories helps clients create innovative solutions to their sustainability challenges, unlocking commercial opportunities that meet the needs of today while preserving opportunity for future generations.  

EY-Parthenon

ey.com

Our unique combination of transformative strategy, transactions and corporate finance delivers real-world value – solutions that work in practice, not just on paper. Benefiting from EY’s full spectrum of services, we’ve reimagined strategic consulting to work in a world of increasing complexity. With deep functional and sector expertise, paired with innovative AI-powered technology and an investor mindset, we partner with CEOs, boards, private equity and governments every step of the way – enabling you to shape your future with confidence. EY-Parthenon is a brand under which a number of EY member firms across the globe provide strategy consulting services. For more information, please visit ey.com/parthenon.

ELIS

cb elis.com

As the leader in circular services at work, Elis ensures its clients achieve optimal hygiene, well-being and protection – everywhere, every day, in a sustainable way. We employ 54,000 people locally in 30 countries. We work for public and private organizations of all sizes, in all sectors of activity offering solutions for flat linen, workwear, facility, beverage, pest control, mats, wipers, cleanroom and medical waste. Our circular services help clients stay focused on their core business and allow them to reduce their environmental footprint. Our circular services inspire our commitment: they create a bond between us, our clients and our planet and they unite our people around the world. Elis is listed on Euronext Paris. --- Leader des services circulaires au travail, Elis veille à ce que ses clients bénéficient d'une hygiène, d'un bien-être et d'une protection optimale – partout dans le monde, tous les jours et de manière durable. Nous employons localement 54 000 collaborateurs dans 29 pays. Nous travaillons pour des organismes publics et privés de toutes tailles, dans tous les secteurs d’activité en leur offrant des solutions en vêtement de travail, linge plat, sanitaires, boisson, prévention nuisibles, tapis, essuyage industriel, salles propres et DASRI. Nos services circulaires aident nos clients à concentrer leurs efforts sur leur cœur de métier et leur permettent de réduire leur empreinte environnementale. Nos services circulaires inspirent notre engagement : ils créent un lien entre nous, nos clients et notre planète et unissent nos collaborateurs dans le monde entier. Elis est côté sur Euronext Paris et fait partie du SBF 120.

Protiviti

protiviti.com

Protiviti (www.protiviti.com) is a global consulting firm that delivers deep expertise, objective insights, a tailored approach and unparalleled collaboration to help leaders confidently face the future. Protiviti and its independent and locally owned member firms provide clients with consulting and managed solutions in finance, technology, operations, data, digital, legal, HR, risk and internal audit through a network of more than 90 offices in over 25 countries. Named to the Fortune 100 Best Companies to Work For® list for the 11th consecutive year, Protiviti Inc. has served more than 80 percent of Fortune 100 and nearly 80 percent of Fortune 500 companies. The firm also works with government agencies and smaller, growing companies, including those looking to go public. Protiviti Inc. is a wholly owned subsidiary of Robert Half (NYSE: RHI).

Xerox

xerox.com

Xerox has been redefining the workplace experience for over a century. As a services-led, software-enabled company, we power today’s hybrid workplace through advanced print, digital, and AI-driven technologies. In 2025, Xerox acquired Lexmark—expanding our global footprint, strengthening service capabilities, and equipping us to deliver an even broader portfolio of workplace technologies to our clients. Today, we continue our legacy of innovation to deliver client-centric, digitally driven solutions that meet the needs of a global, distributed workforce. Whether in offices, classrooms, or hospitals, we help our clients thrive in a constantly evolving business landscape.

EXL

exlservice.com

Choosing a digital partner is about more than capabilities — it’s about collaboration and character. Unrealistic overhauls and off-the-shelf products ignore what matters most — your unique needs, culture, goals, and your legacy data and technology environments. At EXL, our collaboration is built on ongoing listening and learning to adapt our methodologies. We’re your business evolution partner—tailoring solutions that make the most of data to make better business decisions and drive more intelligence into your increasingly digital operations. Whether your goals are scaling the use of AI and digital, redesign operating models, or driving better and faster decisions, we’re here to partner with you to help you gain—and maintain—competitive advantage with efficient, sustainable models at scale. Our expertise in transformation, data science, and change management helps make your business more efficient and effective, improve customer relationships and enhance revenue growth. Instead of focusing on multi-year, resource- and time-intensive platform designs or migrations, we look deeper at your entire value chain to integrate strategies with impact. We use our specialization in analytics, digital interventions, and operations management—alongside deep industry expertise — to deliver solutions that help you outperform the competition. At EXL, it’s all about outcomes—your outcomes—and delivering success on your terms. Share your goals with us and together, we’ll optimize how you leverage data to drive your business forward. For more information, visit www.exlservice.com.

Stefanini Group

stefanini.com

Global Tech Consulting Company All in One. Stefanini is a Brazilian multinational company with 37 years of experience and presence in 41 countries. With more than 35,000 employees, we co-create solutions for a better future, driving digital transformation with a focus on real results. We operate in an integrated way through 7 specialized business units: Consulting (Technology and Business Agility), Analytics & AI, Banking & Payments, Cybersecurity, Manufacturing 4.0, and Digital Marketing. Recognized as the most internationalized technology company in Brazil, according to the Fundação Dom Cabral (FDC) ranking, Stefanini is global by essence, collaborative by nature, and strategic by vocation. It is also a pioneer in applying Artificial Intelligence to transform businesses through an end-to-end AI-First approach.

Loading…

NEWS

Fusion Project Management CyberSecurity News

Latest updates, reports, and threat intel affecting the global network.

Loading…

CVE

Latest

Global CVEs (Not Company-Specific)

CVE-2026-12175

SUMMARY

A vulnerability was detected in CodeAstro Student Attendance Management System 1.0. Impacted is an unknown function of the file /attendance-php/Admin/createStudents.php. Performing a manipulation of the argument admissionNumber results in sql injection. Remote exploitation of the attack is possible. The exploit is now public and may be used.

Published

Date2026-06-13

Updated

Date2026-06-13

RISK INFORMATION (Score: 4.7)

cvss2

Base Score: 5.8

Complexity: LOW

AV:N/AC:L/Au:M/C:P/I:P/A:P

cvss3

Base Score: 4.7

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L

cvss4

Base Score: 2.0

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

3.4

Exploitability

1.2

REFERENCES

CVE-2026-12174

SUMMARY

A security vulnerability has been detected in D-Link DCS-935L 1.10.01. This issue affects the function snprintf of the file /web/cgi-bin/greece/rhea of the component HTTP Handler. Such manipulation of the argument data leads to format string. The attack may be launched remotely. The exploit has been disclosed publicly and may be used.

Published

Date2026-06-13

Updated

Date2026-06-13

RISK INFORMATION (Score: 8.8)

cvss2

Base Score: 9.0

Complexity: LOW

AV:N/AC:L/Au:S/C:C/I:C/A:C

cvss3

Base Score: 8.8

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

cvss4

Base Score: 7.4

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

5.9

Exploitability

2.8

REFERENCES

CVE-2026-12183

SUMMARY

Nefteprodukttekhnika BUK TS-G Gas Station Automation System 2.9.1 through 2.10.2 on Linux contains an Improper Authentication vulnerability (CWE-287) in the system configuration module. The /php/ajax-login.php endpoint returns userid=1 (administrator) in response to any HTTP POST request that supplies arbitrary credentials (e.g., action=dologin&login=<any_value>&pwd=<any_value>), and subsequent privileged endpoints under /php/ajax-main.php and /modules/* do not validate a server-side session. A remote unauthenticated attacker can invoke any administrative action exposed by the configuration module, including reading and modifying user rules, fuel tank gauges, fuel dispensers, relays, cash registers, bank terminals, fuel cards, price and customer displays, cash collection, and pricing rules.

Published

Date2026-06-13

Updated

Date2026-06-13

RISK INFORMATION (Score: 9.8)

cvss3

Base Score: 9.8

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

cvss4

Base Score: 9.3

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

5.9

Exploitability

3.9

REFERENCES

CVE-2026-6428

SUMMARY

SQL Injection in reports/catalogue_out.pl in Koha Community Koha through 22.11.37, 23.x, 24.x before 24.11.16, 25.05.x before 25.05.11, 25.11.x before 25.11.05, 26.05.x before 26.05.01, and 26.11.x before 26.11.00 allows an authenticated staff user with the Reports module flag to read arbitrary data from the Koha application database via the Filter URL parameter when the Criteria parameter matches /branchcode/. The vulnerable sink in sub calculate concatenates the unmodified Filter request parameter directly into a LIKE clause of the auxiliary $strsth2 statement and executes it via DBI without bound parameters: my $f = @$filters[0]; $f =~ s/\*/%/g; $strsth2 .= " AND $column LIKE '$f' "; This enables error-based SQL injection (e.g., via EXTRACTVALUE) and full read access to sensitive tables including borrowers (password hashes, 2FA secrets, PII), borrower_password_recovery, api_keys, and sessions. Proof of concept (error-based, single request): GET /cgi-bin/koha/reports/catalogue_out.pl?do_it=1&output=screen&Limit=10&Criteria=branchcode&Filter=x'+AND+EXTRACTVALUE(1,CONCAT(0x7e,VERSION(),0x7c,USER(),0x7c,DATABASE(),0x7e))--+- Cookie: CGISESSID=<LIBRARIAN_SESSION> The response body contains the DBI exception leaking the MariaDB version, database user, client IP, and database name, after which arbitrary data can be paged out using LIMIT n,1 / SUBSTRING(...). The vulnerable sink was introduced in commit 6bb77ae3e4 (2008-07-09); CVE-2015-4633 patched the same class in sibling files but did not generalise the fix to reports/catalogue_out.pl. Fixed in Koha 22.11.38, 24.11.16, 25.05.11, 25.11.05, 26.05.01, and 26.11.00 by replacing the raw concatenation with a parameterised placeholder.

Published

Date2026-06-13

Updated

Date2026-06-13

RISK INFORMATION (Score: 7.6)

cvss2

Base Score: 7.5

Complexity: LOW

AV:N/AC:L/Au:S/C:C/I:N/A:P

cvss3

Base Score: 7.6

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L

cvss4

Base Score: 5.6

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:X/V:C/RE:X/U:Amber

Impact Score

4.7

Exploitability

2.8

REFERENCES

CVE-2026-5513

SUMMARY

The Online Scheduling and Appointment Booking System – Bookly plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'bookly-customer-full-name' cookie in versions up to, and including, 27.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Exploitation requires 'Remember personal information in cookies' setting to be enabled (disabled by default).

Published

Date2026-06-13

Updated

Date2026-06-13

RISK INFORMATION (Score: 7.2)

cvss3

Base Score: 7.2

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N

Impact Score

2.7

Exploitability

3.9

REFERENCES

Loading…

API

Access Data Using Our API

Get company history

curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?
linkedin_id=axa' -H 'apikey: YOUR_API_KEY_HERE'

Try It API Documentation Rapid

MEASURE

What Do We Measure ?

Incident

Finding

Grade

Digital Assets

Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.

These are some of the factors we use to calculate the overall score:

Network SecurityIdentify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.

SBOM (Software Bill of Materials)Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.

CMDB (Configuration Management Database)Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.

Threat IntelligenceLeverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.

Rankiteo

By Rankiteo

★ ★ ★ ★ ★

View on G2.com

Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.

View latest plans →View all security reports →

MILESTONEG

Users
Love Us

Loading…