EIP-2026-102465
PRE-CVEBMC Remedy Knowledge Management 7.5.00 - Default Account / Multiple Cross-Site Scripting Vulnerabilities
Title source: legacyExploitation Summary
EIP tracks 1 public exploit for EIP-2026-102465. PoCs published by Richard Brain.
AI-analyzed exploit summary The provided text describes a default-account vulnerability and multiple XSS vulnerabilities in BMC Remedy Knowledge Management 7.5.00. It includes example URLs demonstrating the XSS exploits but does not contain executable exploit code.
Description
BMC Remedy Knowledge Management 7.5.00 - Default Account / Multiple Cross-Site Scripting Vulnerabilities
Exploits (1)
exploitdb
WRITEUP
VERIFIED
by Richard Brain · textwebappsjsp
https://www.exploit-db.com/exploits/35706
The provided text describes a default-account vulnerability and multiple XSS vulnerabilities in BMC Remedy Knowledge Management 7.5.00. It includes example URLs demonstrating the XSS exploits but does not contain executable exploit code.
Classification
Writeup 90%
Attack Type
Xss | Auth Bypass
Complexity
Trivial
Reliability
Reliable
Target:
BMC Remedy Knowledge Management 7.5.00
No auth needed
Prerequisites:
Access to the target application
devstral-2 · analyzed Feb 16, 2026
Full analysis →
Details
Status
pre_cve
Tracked Since
Feb 18, 2026