5 matches found
CVE-2022-26088
An issue was discovered in BMC Remedy before 22.1. Email-based Incident Forwarding allows remote authenticated users to inject HTML such as an SSRF payload into the Activity Log by placing it in the To: field. This affects rendering that occurs upon a click in the "number of recipients" field...
BMC Remedy ITSM-Suite 9.1.10 / 20.02 HTML Injection Vulnerability
======================================================================= title: HTML Injection product: BMC Remedy ITSM-Suite vulnerable version: 9.1.10 = 20.02 in new versioning scheme fixed version: 22.1 CVE number: CVE-2022-26088 impact: Low homepage:...
BMC Remedy ITSM-Suite 9.1.10 / 20.02 HTML Injection
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: HTML Injection product: BMC Remedy ITSM-Suite vulnerable version: 9.1.10 = 20.02 in new versioning scheme fixed version: 22.1 CVE number: CVE-2022-26088 impact: Low...
CVE-2022-26088
An issue was discovered in BMC Remedy before 22.1. Email-based Incident Forwarding allows remote authenticated users to inject HTML such as an SSRF payload into the Activity Log by placing it in the To: field. This affects rendering that occurs upon a click in the "number of recipients" field...
CVE-2022-26088
CVE-2022-26088 affects BMC Remedy ITSM Suite prior to 22.1. Email-based Incident Forwarding can let remote authenticated users inject HTML (including SSRF payloads) into the Activity Log by placing content in the To: field, influencing rendering when the number of recipients is clicked. The vulne...