Lucene search

[email protected]NVD:CVE-2012-2235

HistoryMay 27, 2012 - 7:55 p.m.

CVE-2012-2235

2012-05-2719:55:01

CWE-79

[email protected]

web.nvd.nist.gov

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

EPSS

0.001

Percentile

50.9%

JSON

Cross-site scripting (XSS) vulnerability in Support Incident Tracker (SiT!) 3.65 and earlier allows remote attackers to inject arbitrary web script or HTML via the id parameter to index.php, which is not properly handled in an error message.

Affected configurations

Nvd

Node

sitrackersupport_incident_trackerRange≤3.65

sitrackersupport_incident_trackerMatch1.8.00

sitrackersupport_incident_trackerMatch2.8.00

sitrackersupport_incident_trackerMatch3.00

sitrackersupport_incident_trackerMatch3.00beta1

sitrackersupport_incident_trackerMatch3.00beta2

sitrackersupport_incident_trackerMatch3.00beta3

sitrackersupport_incident_trackerMatch3.01

sitrackersupport_incident_trackerMatch3.02

sitrackersupport_incident_trackerMatch3.03

sitrackersupport_incident_trackerMatch3.03a

sitrackersupport_incident_trackerMatch3.04a

sitrackersupport_incident_trackerMatch3.05

sitrackersupport_incident_trackerMatch3.6

sitrackersupport_incident_trackerMatch3.06

sitrackersupport_incident_trackerMatch3.07

sitrackersupport_incident_trackerMatch3.45

sitrackersupport_incident_trackerMatch3.45beta1

sitrackersupport_incident_trackerMatch3.50

sitrackersupport_incident_trackerMatch3.50beta1

sitrackersupport_incident_trackerMatch3.51

sitrackersupport_incident_trackerMatch3.60

sitrackersupport_incident_trackerMatch3.61

sitrackersupport_incident_trackerMatch3.62

sitrackersupport_incident_trackerMatch3.63

sitrackersupport_incident_trackerMatch3.63beta1

sitrackersupport_incident_trackerMatch3.64

sitrackersupport_incident_trackerMatch4.8.00

sitrackersupport_incident_trackerMatch7.8.00

sitrackersupport_incident_trackerMatch8.8.00

sitrackersupport_incident_trackerMatch9.8.00

sitrackersupport_incident_trackerMatch10.8.00

sitrackersupport_incident_trackerMatch11.8.00

sitrackersupport_incident_trackerMatch14.8.00

sitrackersupport_incident_trackerMatch16.8.00

sitrackersupport_incident_trackerMatch17.8.00

sitrackersupport_incident_trackerMatch18.8.00

sitrackersupport_incident_trackerMatch21.8.00

sitrackersupport_incident_trackerMatch31.07.00

VendorProductVersionCPE
sitrackersupport_incident_tracker*cpe:2.3:a:sitracker:support_incident_tracker:*:*:*:*:*:*:*:*
sitrackersupport_incident_tracker1.8.00cpe:2.3:a:sitracker:support_incident_tracker:1.8.00:*:*:*:*:*:*:*
sitrackersupport_incident_tracker2.8.00cpe:2.3:a:sitracker:support_incident_tracker:2.8.00:*:*:*:*:*:*:*
sitrackersupport_incident_tracker3.00cpe:2.3:a:sitracker:support_incident_tracker:3.00:*:*:*:*:*:*:*
sitrackersupport_incident_tracker3.00cpe:2.3:a:sitracker:support_incident_tracker:3.00:beta1:*:*:*:*:*:*
sitrackersupport_incident_tracker3.00cpe:2.3:a:sitracker:support_incident_tracker:3.00:beta2:*:*:*:*:*:*
sitrackersupport_incident_tracker3.00cpe:2.3:a:sitracker:support_incident_tracker:3.00:beta3:*:*:*:*:*:*
sitrackersupport_incident_tracker3.01cpe:2.3:a:sitracker:support_incident_tracker:3.01:*:*:*:*:*:*:*
sitrackersupport_incident_tracker3.02cpe:2.3:a:sitracker:support_incident_tracker:3.02:*:*:*:*:*:*:*
sitrackersupport_incident_tracker3.03cpe:2.3:a:sitracker:support_incident_tracker:3.03:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
sitracker	support_incident_tracker	*	cpe:2.3:a:sitracker:support_incident_tracker::::::::
sitracker	support_incident_tracker	1.8.00	cpe:2.3:a:sitracker:support_incident_tracker:1.8.00:::::::*
sitracker	support_incident_tracker	2.8.00	cpe:2.3:a:sitracker:support_incident_tracker:2.8.00:::::::*
sitracker	support_incident_tracker	3.00	cpe:2.3:a:sitracker:support_incident_tracker:3.00:::::::*
sitracker	support_incident_tracker	3.00	cpe:2.3:a:sitracker:support_incident_tracker:3.00:beta1::::::
sitracker	support_incident_tracker	3.00	cpe:2.3:a:sitracker:support_incident_tracker:3.00:beta2::::::
sitracker	support_incident_tracker	3.00	cpe:2.3:a:sitracker:support_incident_tracker:3.00:beta3::::::
sitracker	support_incident_tracker	3.01	cpe:2.3:a:sitracker:support_incident_tracker:3.01:::::::*
sitracker	support_incident_tracker	3.02	cpe:2.3:a:sitracker:support_incident_tracker:3.02:::::::*
sitracker	support_incident_tracker	3.03	cpe:2.3:a:sitracker:support_incident_tracker:3.03:::::::*