CVE-2009-4433
CVE-2009-4433 affects IDevSpot iSupport 1.8 and earlier. The XSS flaws enable remote injection via: (a) the 5 or (b) 9 field in post to ticket_function.php, reachable via ticket_submit.php and index.php; (c) the which parameter to function.php; or (d) the which parameter to index.php, related to ...