CVE-2024-11479
Authenticated HTML Injection in Issuetrak Ticket Comment Function
A HTML Injection vulnerability was identified in Issuetrak version 17.1 that could be triggered by an authenticated user. HTML markup could be added to comments of tickets, which when submitted will render in the
emails sent to all users on that ticket.
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
Productos afectados
Issuetrak · Issuetrak¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →