Lucene search
HistoryMay 27, 2012 - 7:55 p.m.
CVE-2012-2235
cve
2012
2235
cross-site scripting
xss
vulnerability
support incident tracker
sit
3.65
nvd
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.001 Low
EPSS
Percentile
46.5%
Cross-site scripting (XSS) vulnerability in Support Incident Tracker (SiT!) 3.65 and earlier allows remote attackers to inject arbitrary web script or HTML via the id parameter to index.php, which is not properly handled in an error message.
Related
prion
prion
Cross site scripting
2012-05-27 19:55:00
Design/Logic Flaw
2020-01-02 14:16:00
cvelist
cvelist
CVE-2012-2235
2022-10-03 16:15:36
CVE-2019-20223
2020-01-02 04:29:51
openvas
openvas
Support Incident Tracker SiT! 'id' Parameter XSS Vulnerability
2012-06-01 00:00:00
Support Incident Tracker SiT! <= 3.65 XSS Vulnerability - Active Check
2012-06-01 00:00:00
cve
cve
CVE-2019-20223
2020-01-02 14:16:00
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.001 Low
EPSS
Percentile
46.5%
Related for CVE-2012-2235