CVE-2019-20221

In Support Incident Tracker (SiT!) 3.67, Load Plugins input in the config.php page is affected by XSS. The XSS payload is, for example, executed on the about.php page.
References
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:sitracker:support_incident_tracker:3.67:*:*:*:*:*:*:*

Information

Published : 2020-01-02 06:16

Updated : 2020-01-03 13:28


NVD link : CVE-2019-20221

Mitre link : CVE-2019-20221


JSON object : View

CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Advertisement

dedicated server usa

Products Affected

sitracker

  • support_incident_tracker