What is the official website of HBS Business and Environment Initiative ?

The official website of HBS Business and Environment Initiative is https://www.hbs.edu/environment/Pages/default.aspx.

What is HBS Business and Environment Initiative's cybersecurity risk score?

HBS Business and Environment Initiative has an AI-generated cybersecurity risk score of 772 out of 1000, indicating a Fair security posture according to Rankiteo's assessment.

How many security incidents has HBS Business and Environment Initiative experienced?

According to Rankiteo, HBS Business and Environment Initiative currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.

Has HBS Business and Environment Initiative been affected by any supply chain cyber incidents ?

According to Rankiteo, HBS Business and Environment Initiative has been affected by multiple supply chain cyber incidents. The affected supply chain sources and their corresponding incident IDs are: Instructure (Incident ID: INS1779266405) Instructure (Incident ID: STAVICINSHAR1778218101) Instructure (Incident ID: UNISTAINSHAR1778200829) Ghost (Incident ID: DUCHARGHO1779798590) Instructure (Incident ID: THEYALRUTHARSTAINSPRI1778258906) Instructure (Incident ID: MCGVERHARUDE1777034314) Oracle (Incident ID: DARHARPRICOLCLE1767881845)

Does HBS Business and Environment Initiative have SOC 2 Type 1 certification ?

According to Rankiteo, HBS Business and Environment Initiative is not certified under SOC 2 Type 1.

Does HBS Business and Environment Initiative have SOC 2 Type 2 certification ?

According to Rankiteo, HBS Business and Environment Initiative does not hold a SOC 2 Type 2 certification.

Does HBS Business and Environment Initiative comply with GDPR ?

According to Rankiteo, HBS Business and Environment Initiative is not listed as GDPR compliant.

Does HBS Business and Environment Initiative have PCI DSS certification ?

According to Rankiteo, HBS Business and Environment Initiative does not currently maintain PCI DSS compliance.

Does HBS Business and Environment Initiative comply with HIPAA ?

According to Rankiteo, HBS Business and Environment Initiative is not compliant with HIPAA regulations.

Does HBS Business and Environment Initiative have ISO 27001 certification ?

According to Rankiteo,HBS Business and Environment Initiative is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.

Which industry does HBS Business and Environment Initiative operate in ?

HBS Business and Environment Initiative operates primarily in the Higher Education industry.

How many employees does HBS Business and Environment Initiative have ?

HBS Business and Environment Initiative employs approximately None employees people worldwide.

Does HBS Business and Environment Initiative own any subsidiaries ?

HBS Business and Environment Initiative presently has no subsidiaries across any sectors.

How many LinkedIn followers does HBS Business and Environment Initiative have ?

HBS Business and Environment Initiative's official LinkedIn profile has approximately 5,692 followers.

What is the NAICS classification code for HBS Business and Environment Initiative ?

HBS Business and Environment Initiative is classified under the NAICS code 6113, which corresponds to Colleges, Universities, and Professional Schools.

Does HBS Business and Environment Initiative have a Crunchbase profile ?

No, HBS Business and Environment Initiative does not have a profile on Crunchbase.

Does HBS Business and Environment Initiative have a LinkedIn profile ?

Yes, HBS Business and Environment Initiative maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/hbs-bei.

How many cybersecurity incidents has HBS Business and Environment Initiative experienced ?

As of June 14, 2026, Rankiteo reports that HBS Business and Environment Initiative has experienced 9 cybersecurity incidents.

How many peer or competitor companies does HBS Business and Environment Initiative have ?

HBS Business and Environment Initiative has an estimated 17,076 peer or competitor companies worldwide.

What types of cybersecurity incidents has HBS Business and Environment Initiative faced ?

Incident Types: The types of cybersecurity incidents that have occurred include Ransomware, Breach and Cyber Attack.

NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop

WindowsmacOSLinux

Download

Badge your company to reduce your risk score and your cyber insurance costs!

Link verified badges to your company page to build trust with insurers and customers.

Apply now and get your badge!

Internal validation & live display

Insurers and partners see a safer profile

Faster underwriting decisions

Trusted by insurers. Chosen by leaders.

Proud contributor to the Society of Actuaries.

HBEI

Boost Score +25 with badge (5 left)

772

/1000

Fair

797

/1000

Fair

HBS Business and Environment Initiative Vendor Cyber Rating & Cyber Score

hbs.edu

Add Your Compliance Badge

The Business and Environment Initiative educates, connects, and mobilizes business leaders to address climate change and other environmental challenges. Our goals are to: - Engage and promote a faculty community on business and environment topics - Educate students to transform organizations to become environmentally sustainable - Disseminate insights from research and foster alumni engagement on critical environmental topics BEI brings together more than 40 affiliated faculty members who collectively represent the School’s ten units. We catalyze research and share insights with business leaders. We encourage faculty and students to address climate change and environmental sustainability in MBA classrooms. We host academic and executive

HBEI A.I CyberSecurity Scoring

Scoring History

HBEI

HBS Business and Environment Initiative CyberSecurity News & History

Past Incidents

Attack Types

Entity

Type

Severity

Impact

Seen

Blog Details

Supply Chain Source

Incident Details

View

Harvard University

Ransomware

100

5/2026

Instructure

INS1779266405

Harvard University

Cyber Attack

100

5/2026

Instructure

STAVICINSHAR177...

Harvard University

Ransomware

100

5/2026

Instructure

UNISTAINSHAR177...

Harvard University

Cyber Attack

5/2026

Ghost

DUCHARGHO177979...

Harvard University

Cyber Attack

100

5/2026

Instructure

THEYALRUTHARSTA...

Harvard University

Breach

100

4/2026

Instructure

MCGVERHARUDE177...

Harvard University

Breach

1/2026

Oracle

DARHARPRICOLCLE...

Harvard University

Ransomware

100

11/2025

HAR1770230343

Harvard University

Breach

1/2020

TICHARATTPRIMCD...

Loading…

A.I.

HBEI Company Scoring based on AI Models

Cyber Incidents Likelihood 3 - 6 - 9 months

Actual

Prediction

Incident Predictions locked

Access Monitoring Plan

A.I Risk Score Likelihood 3 - 6 - 9 months

Actual

Prediction A

Prediction B

Prediction C

Prediction D

A.I. Risk Score Predictions locked

Access Monitoring Plan

Loading…

Underwriter Stats for HBEI

Incidents vs Higher Education Industry Avg (This Year)

No incidents recorded for HBS Business and Environment Initiative in 2026.

Incidents vs All-Companies Average (This Year)

No incidents recorded for HBS Business and Environment Initiative in 2026.

Incident Types HBEI vs Higher Education Industry Avg (This Year)

No incidents recorded for HBS Business and Environment Initiative in 2026.

Incident History - HBEI (X = Date, Y = Severity)

Loading…

SUBSIDIARY

HBS Business and Environment Initiative Subsidiaries

HBEI

Higher Education

Website: https://www.hbs.edu/environment/Pages/default.aspx

Company Size: 1,001-5,000 employees

Harvard UniversityHigher Education

Harvard Medical SchoolHigher Education

Harvard Medical School Department of Biomedical InformaticsHigher Education

Harvard Medical School Center for BioethicsHigher Education

Harvard Medical School Department of Health Care PolicyHigher Education

Harvard Medical School Center for Computational BiomedicineHigher Education

Black Staff CaucusHigher Education

Harvard Law SchoolHigher Education

Harvard Kennedy SchoolHigher Education

Harvard University Graduate School of DesignArchitecture and Planning

Harvard Extension SchoolHigher Education

Harvard Advanced Leadership InitiativeHigher Education

Wyss Institute at Harvard UniversityBiotechnology Research

Disruptive: Wyss Institute PodcastBiotechnology

Harvard Divinity SchoolHigher Education

Harvard John A. Paulson School of Engineering and Applied SciencesHigher Education

Harvard Radcliffe InstituteHigher Education

Harvard University Talent and Careers ConnectionHigher Education

Harvard University Alumni Affairs and Development (AA&D)Higher Education

Harvard Office of Technology Development (OTD)Research Services

Harvard Division of Continuing EducationHigher Education

Fairbank Center for Chinese Studies, Harvard UniversityHigher Education

The Harvard Center for Population and Development StudiesHigher Education

Harvard Kenneth C. Griffin Graduate School of Arts and SciencesHigher Education

Harvard T.H. Chan School of Public HealthHigher Education

Harvard T.H. Chan School of Public Health HR, Talent AcquisitionHigher Education

Harvard Public Health magazinePeriodical Publishing

Lee Kum Sheung Center for Health and HappinessPublic Health

Harvard Ministerial Leadership ProgramHigher Education

Master in Health Care Management at Harvard Chan SchoolHigher Education

Center for Health Communication at Harvard T.H. Chan School of Public HealthHigher Education

Center for Communicable Disease Dynamics - CCDDHigher Education

Harvard Chan Education and Research CenterHigher Education

Harvard Chan Alumni and FriendsHigher Education

Department of Environmental Health at Harvard Chan SchoolHigher Education

Prevention Research Center on Nutrition and Physical Activity at Harvard Chan SchoolHigher Education

Voices in LeadershipHigher Education

International Health Systems ProgramPublic Health

Harvard Graduate School of EducationHigher Education

HBS Institute for Business in Global SocietyBusiness Content

HBS Leadership InitiativeHigher Education

Harvard Business School Executive EducationHigher Education

HBS Social Enterprise InitiativeCivic and Social Organizations

Loading…

HBS Business and Environment Initiative Similar Companies

Universiti Teknologi MARA

uitm.edu.my

Universiti Teknologi MARA (UiTM) is the largest comprehensive university in Malaysia providing innovative education with state-of-the-art infrastructure and technology within reach at its 34 campuses (1 main campus, 12 state campuses and 21 satellite campuses), 4 College of Studies, 13 faculties, 9 academic centres across the country. UiTM offers over 500 academic programmes at Foundation, Pre-Diploma, Diploma, Bachelor’s, Master’s, and PhD level, as well as Professional Programmes. It continues to expand access to higher education, playing its role in nation building by unleashing potentials, shaping the future. Currently, UiTM is among the Top 46% performing universities in the QS World University Rankings 2023. Amongst its long lines of accolades, in 2022 UiTM was honoured with the Reader’s Digest Trusted Brand Gold Award in the Public University category for the 12th time. UiTM is also ranked 105th in the QS Asia University Rankings 2022 and placed 651–701 in the QS World University Rankings 2022. The Hospitality and Leisure Management subject is placed at 42nd best in the world, and overall 14 UiTM subjects are ranked in the QS World University Rankings by Subject. In 2021, UiTM was in the 101-200th position in THE Impact Rankings 2021 and ranked 150th in the UI GreenMetric (UIGM) World University Rankings 2021. In 2020, UiTM won gold for the Best International Print-ads at the QS APPLE Creative Awards. With over 900,000 alumni in science, technology, humanities and entrepreneurship, UiTM offers opportunities to shape leaders at national, industry and global levels and is well poised to become a globally renowned university by 2025.

University of Southern California

usc.edu

The University of Southern California is a leading private research university located in Los Angeles, the capital of the Pacific Rim. This is the official LinkedIn presence for the University of Southern California. This account is managed and mediated by the staff of USC University Communications. Content (including posts from 3rd parties) that include videos, photographs, opinions and links to content outside of this channel do not necessarily represent the University of Southern California’s academic goals or opinions. Community guidelines: Alumni and students are welcome to post professional updates and news. Posts containing solicitations, product placements, derogatory or inflammatory comments are prohibited and will be removed. Off-topic comments will also be removed. Posts are not regularly monitored. Please note: for questions regarding degrees offered and admissions policies please call (213) 740-2311.

Texas Tech University

ttu.edu

A new era of excellence is dawning at Texas Tech University as it stands on the cusp of being one of the nation's premier research institutions. Research and enrollment numbers are at record levels, which cement Texas Tech's commitment to attracting and retaining quality students. In fall 2020, the university achieved a goal more than a decade in the making, reaching a total student population of more than 40,000. In 2018, the Carnegie Classification of Institutions of Higher Education again placed Texas Tech among its top doctoral universities in the nation in the “Very High Research Activity” category. Texas Tech is one of 94 public institutions nationally and 131 overall to achieve this prestigious recognition. Quality students need top-notch faculty. Texas Tech is home to a diverse, highly revered pool of educators who excel in teaching, research and service. The university strives to foster an environment that celebrates student accomplishment above all else. Texas Tech is large enough to provide the best in facilities and academics but prides itself on being able to focus on each student individually. The momentum for excellence at Texas Tech has never been greater.

Deakin University

deakin.edu.au

Deakin’s unique identity – rooted in balanced excellence in education and research – has been driving lasting change for a better future since 1974. Over our 50+ year history, Deakin has grown to be one of the top universities worldwide with a truly global presence. Our passion and commitment to teaching, research and student success is recognised by local and international ranking bodies and our students. Turning 50 is a key milestone for the Deakin community. We’re transitioning from a young University to a more established institution that’s turning ideas into impact. #1 Victorian uni for graduate employment, Course Satisfaction & Student Support #2 Victorian uni for research quality Registered Australian University CRICOS No: 00113B

University of Alabama at Birmingham

uab.edu

Known for its innovative and interdisciplinary approach to education at both the graduate and undergraduate levels, the University of Alabama at Birmingham, a part of the University of Alabama System, is an internationally renowned research university and academic medical center with over $700 million in research awards annually, as well as Alabama’s largest single employer, with some 26,000 employees, and has an annual economic impact exceeding $7.15 billion on the state. The pillars of UAB’s mission include education, research, innovation and economic development, community engagement, and patient care. Learn more at www.uab.edu.

McGill University

mcgill.ca

McGill University is one of Canada's best-known institutions of higher learning and one of the leading universities in the world. With students coming to McGill from some 150 countries, our student body is the most internationally diverse of any research-intensive university in the country. McGill was founded in 1821 thanks to a generous bequest by James McGill, and since then, we've grown from a small college to a bustling university with three campuses, 11 faculties, some 300 programs of study, and more than 37,500 students. The University also partners with four affiliated teaching hospitals to graduate over 1,000 health care professionals each year. The goal of McGill University's social media platforms is to strengthen our community, which includes students, faculty, and alumni. The aim is to provide information on events, campus news and promote networking. McGill University fosters freedom of expression, while valuing respect and collegiality. We encourage respectful dialogue and reserve the right to remove the following: Comments deemed offensive, vulgar or profane; comments off-topic and/or unrelated to posted content; content that infringes on an individual's privacy or copyright.

Florida International University

fiu.edu

FIU is Miami's public research university. Offering bachelor's, master's and doctoral degrees, both on campus and fully online. Designated a Preeminent State Research University, FIU emphasizes research as a major component in the university's mission. For more than 50 years, FIU has positioned itself as one of South Florida's anchor institutions by solving some of the greatest challenges of our time. We are dedicated to enriching the lives of the local and global community. With a student body of more than 56,000, we are among the largest universities in the nation and have collectively graduated more than 300,000 alumni, 165,000 of whom live and work in South Florida.

University of Waterloo

uwaterloo.ca

University of Waterloo is a leader in innovation that drives economic and social prosperity for Canada and the world. We are home to a renowned talent pipeline, game-changing research and technology, and unmatched entrepreneurial culture, that together create solutions to tackle today’s and tomorrow’s challenges. Our greatest impact happens together. A strategic integration of research and teaching excellence, the world’s largest co-operative education program, entrepreneurship-intensive programs, and creator-owned IP, has resulted in extensive industry collaboration, the generation of thousands of commercial and social enterprises, and a dynamic learning experience for more than 41,000 undergraduate and graduate students.

Vanderbilt University

vanderbilt.edu

Vanderbilt University is a top-ranked teaching and research university in Nashville, Tennessee. Powered by collaboration. Follow Vanderbilt on Facebook, Twitter, TikTok and Instagram @VanderbiltU. See more Vanderbilt social media at https://social.vanderbilt.edu/ Located in Nashville, Tenn., and operating at a global crossroads of teaching and discovery, Vanderbilt University is a community of individuals who come to work each day with the simple aim of changing the world. It is a place where your expertise will be valued, your knowledge expanded and your abilities challenged. It is a place where your diversity — of culture, thinking, learning and leading — is sought and celebrated. It is a place where students and employees know they are part of something that is bigger than themselves, take exceptional pride in their work and never settle for what was good enough yesterday. We hire hundreds of employees each year and have a wealth of opportunities ranging from information technology to development and dining to athletics. We are Vanderbilt. Join Us. Our comment policy: https://news.vanderbilt.edu/resources/about/comment-policy

Loading…

NEWS

HBS Business and Environment Initiative CyberSecurity News

Latest updates, reports, and threat intel affecting the global network.

October 01, 2025 07:00 AM

National Cybersecurity Awareness Month: How to Protect Yourself from Deepfakes

The term deepfake often appears in news stories and can stir up feelings of fear and uncertainty. But as with most scams, being informed can...

Read Article

April 18, 2025 07:00 AM

Solving Three Common AI Challenges Companies Face | Working Knowledge

Artificial intelligence is already reshaping industries worldwide. However, AI's rapid ascent has overwhelmed the many business leaders...

Read Article

April 07, 2025 05:59 PM

Sustainability as a Business-Model Transformation

Many global companies have made public commitments to sustainability targets. Fulfilling these commitments will require firms to transform their business...

Read Article

December 19, 2024 08:00 AM

Trends and Insights: Board Leadership Diversity and Organizational Performance

The Board Diversity Network, a program of the HBS Race, Gender & Equity Initiative, shares the latest research, insights, and HBS alumni...

Read Article

October 04, 2024 07:00 AM

National Cybersecurity Awareness Month: The Dangers of AI Art and Deepfakes

The rise of AI offers several benefits to society at large. It also ushers in concerns regarding security. Social engineers are already...

Read Article

September 06, 2022 07:00 AM

Student Spotlight: Summer Internships in Business & Environment - Blog - Business & Environment

Over 65 MBA students found internships at the intersection of business and the environment. This post provides a sample of some of the types of companies that...

Read Article

October 30, 2017 02:08 AM

Amy C. Edmondson

Amy C. Edmondson is the Novartis Professor of Leadership and Management at the Harvard Business School, a chair established to support the study of human...

Read Article

April 13, 2015 07:00 AM

3 Ways Firms Can Profit From Environmental Investments

BY CARMEN NOBEL. In the course of her work, Rebecca Henderson meets business executives who don't address the threat of climate change...

Read Article

Loading…

CVE

Latest

Global CVEs (Not Company-Specific)

CVE-2026-12175

SUMMARY

A vulnerability was detected in CodeAstro Student Attendance Management System 1.0. Impacted is an unknown function of the file /attendance-php/Admin/createStudents.php. Performing a manipulation of the argument admissionNumber results in sql injection. Remote exploitation of the attack is possible. The exploit is now public and may be used.

Published

Date2026-06-13

Updated

Date2026-06-13

RISK INFORMATION (Score: 4.7)

cvss2

Base Score: 5.8

Complexity: LOW

AV:N/AC:L/Au:M/C:P/I:P/A:P

cvss3

Base Score: 4.7

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L

cvss4

Base Score: 2.0

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

3.4

Exploitability

1.2

REFERENCES

CVE-2026-12174

SUMMARY

A security vulnerability has been detected in D-Link DCS-935L 1.10.01. This issue affects the function snprintf of the file /web/cgi-bin/greece/rhea of the component HTTP Handler. Such manipulation of the argument data leads to format string. The attack may be launched remotely. The exploit has been disclosed publicly and may be used.

Published

Date2026-06-13

Updated

Date2026-06-13

RISK INFORMATION (Score: 8.8)

cvss2

Base Score: 9.0

Complexity: LOW

AV:N/AC:L/Au:S/C:C/I:C/A:C

cvss3

Base Score: 8.8

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

cvss4

Base Score: 7.4

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

5.9

Exploitability

2.8

REFERENCES

CVE-2026-12183

SUMMARY

Nefteprodukttekhnika BUK TS-G Gas Station Automation System 2.9.1 through 2.10.2 on Linux contains an Improper Authentication vulnerability (CWE-287) in the system configuration module. The /php/ajax-login.php endpoint returns userid=1 (administrator) in response to any HTTP POST request that supplies arbitrary credentials (e.g., action=dologin&login=<any_value>&pwd=<any_value>), and subsequent privileged endpoints under /php/ajax-main.php and /modules/* do not validate a server-side session. A remote unauthenticated attacker can invoke any administrative action exposed by the configuration module, including reading and modifying user rules, fuel tank gauges, fuel dispensers, relays, cash registers, bank terminals, fuel cards, price and customer displays, cash collection, and pricing rules.

Published

Date2026-06-13

Updated

Date2026-06-13

RISK INFORMATION (Score: 9.8)

cvss3

Base Score: 9.8

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

cvss4

Base Score: 9.3

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

5.9

Exploitability

3.9

REFERENCES

CVE-2026-6428

SUMMARY

SQL Injection in reports/catalogue_out.pl in Koha Community Koha through 22.11.37, 23.x, 24.x before 24.11.16, 25.05.x before 25.05.11, 25.11.x before 25.11.05, 26.05.x before 26.05.01, and 26.11.x before 26.11.00 allows an authenticated staff user with the Reports module flag to read arbitrary data from the Koha application database via the Filter URL parameter when the Criteria parameter matches /branchcode/. The vulnerable sink in sub calculate concatenates the unmodified Filter request parameter directly into a LIKE clause of the auxiliary $strsth2 statement and executes it via DBI without bound parameters: my $f = @$filters[0]; $f =~ s/\*/%/g; $strsth2 .= " AND $column LIKE '$f' "; This enables error-based SQL injection (e.g., via EXTRACTVALUE) and full read access to sensitive tables including borrowers (password hashes, 2FA secrets, PII), borrower_password_recovery, api_keys, and sessions. Proof of concept (error-based, single request): GET /cgi-bin/koha/reports/catalogue_out.pl?do_it=1&output=screen&Limit=10&Criteria=branchcode&Filter=x'+AND+EXTRACTVALUE(1,CONCAT(0x7e,VERSION(),0x7c,USER(),0x7c,DATABASE(),0x7e))--+- Cookie: CGISESSID=<LIBRARIAN_SESSION> The response body contains the DBI exception leaking the MariaDB version, database user, client IP, and database name, after which arbitrary data can be paged out using LIMIT n,1 / SUBSTRING(...). The vulnerable sink was introduced in commit 6bb77ae3e4 (2008-07-09); CVE-2015-4633 patched the same class in sibling files but did not generalise the fix to reports/catalogue_out.pl. Fixed in Koha 22.11.38, 24.11.16, 25.05.11, 25.11.05, 26.05.01, and 26.11.00 by replacing the raw concatenation with a parameterised placeholder.

Published

Date2026-06-13

Updated

Date2026-06-13

RISK INFORMATION (Score: 7.6)

cvss2

Base Score: 7.5

Complexity: LOW

AV:N/AC:L/Au:S/C:C/I:N/A:P

cvss3

Base Score: 7.6

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L

cvss4

Base Score: 5.6

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:X/V:C/RE:X/U:Amber

Impact Score

4.7

Exploitability

2.8

REFERENCES

CVE-2026-5513

SUMMARY

The Online Scheduling and Appointment Booking System – Bookly plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'bookly-customer-full-name' cookie in versions up to, and including, 27.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Exploitation requires 'Remember personal information in cookies' setting to be enabled (disabled by default).

Published

Date2026-06-13

Updated

Date2026-06-13

RISK INFORMATION (Score: 7.2)

cvss3

Base Score: 7.2

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N

Impact Score

2.7

Exploitability

3.9

REFERENCES

Loading…

API

Access Data Using Our API

Get company history

curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?
linkedin_id=axa' -H 'apikey: YOUR_API_KEY_HERE'

Try It API Documentation Rapid

MEASURE

What Do We Measure ?

Incident

Finding

Grade

Digital Assets

Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.

These are some of the factors we use to calculate the overall score:

Network SecurityIdentify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.

SBOM (Software Bill of Materials)Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.

CMDB (Configuration Management Database)Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.

Threat IntelligenceLeverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.

Rankiteo

By Rankiteo

★ ★ ★ ★ ★

View on G2.com

Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.

View latest plans →View all security reports →

MILESTONEG

Users
Love Us

Loading…