Vulnerabilities (CVE)

Filtered by vendor Sitracker Subscribe

Filtered by product Support Incident Tracker

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 4 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2019-20221	1 Sitracker	1 Support Incident Tracker	2020-01-03	4.3 MEDIUM	6.1 MEDIUM
In Support Incident Tracker (SiT!) 3.67, Load Plugins input in the config.php page is affected by XSS. The XSS payload is, for example, executed on the about.php page.
CVE-2019-20223	1 Sitracker	1 Support Incident Tracker	2020-01-03	4.3 MEDIUM	6.1 MEDIUM
In Support Incident Tracker (SiT!) 3.67, the id parameter is affected by XSS on all endpoints that use this parameter, a related issue to CVE-2012-2235.
CVE-2019-20220	1 Sitracker	1 Support Incident Tracker	2020-01-03	4.3 MEDIUM	6.1 MEDIUM
In Support Incident Tracker (SiT!) 3.67, the search_id parameter in the search_incidents_advanced.php page is affected by XSS.
CVE-2019-20222	1 Sitracker	1 Support Incident Tracker	2020-01-03	4.3 MEDIUM	6.1 MEDIUM
In Support Incident Tracker (SiT!) 3.67, the Short Application Name and Application Name inputs in the config.php page are affected by XSS.