6 matches found
CVE-2022-26088
An issue was discovered in BMC Remedy before 22.1. Email-based Incident Forwarding allows remote authenticated users to inject HTML such as an SSRF payload into the Activity Log by placing it in the To: field. This affects rendering that occurs upon a click in the "number of recipients" field...
CVE-2022-26088
An issue was discovered in BMC Remedy before 22.1. Email-based Incident Forwarding allows remote authenticated users to inject HTML such as an SSRF payload into the Activity Log by placing it in the To: field. This affects rendering that occurs upon a click in the "number of recipients" field...
Server side request forgery (ssrf)
An issue was discovered in BMC Remedy before 22.1. Email-based Incident Forwarding allows remote authenticated users to inject HTML such as an SSRF payload into the Activity Log by placing it in the To: field. This affects rendering that occurs upon a click in the "number of recipients" field...
PT-2022-17659 · Bmc · Bmc Remedy
Name of the Vulnerable Software and Affected Versions: BMC Remedy versions prior to 22.1 Description: An issue was discovered in BMC Remedy where Email-based Incident Forwarding allows remote authenticated users to inject HTML, such as an SSRF payload, into the Activity Log by placing it in the T...
CVE-2022-26088
CVE-2022-26088 affects BMC Remedy ITSM Suite prior to 22.1. Email-based Incident Forwarding can let remote authenticated users inject HTML (including SSRF payloads) into the Activity Log by placing content in the To: field, influencing rendering when the number of recipients is clicked. The vulne...
CVE-2022-26088
An issue was discovered in BMC Remedy before 22.1. Email-based Incident Forwarding allows remote authenticated users to inject HTML such as an SSRF payload into the Activity Log by placing it in the To: field. This affects rendering that occurs upon a click in the "number of recipients" field...