2 matches found
CVE-2022-50967 uBidAuction 2.0.1 tickets manage Reflected XSS
uBidAuction 2.0.1 contains a reflected cross-site scripting vulnerability in the tickets/manage module. The datecreated, datefrom, dateto, and createdat parameters in the filter functionality are not properly sanitized, allowing remote attackers to inject malicious scripts via crafted GET request...
GESTSUP Security Vulnerabilities
GESTSUP is a software application from the French company GESTSUP. It is 100% web-based SUPport MANAGEMENT software that manages tickets and devices. A security vulnerability exists in GESTSUP version v3.2.46, which stems from the presence of a cross-site request forgery CSRF vulnerability that...