CVE-2024-11479
Authenticated HTML Injection in Issuetrak Ticket Comment Function
A HTML Injection vulnerability was identified in Issuetrak version 17.1 that could be triggered by an authenticated user. HTML markup could be added to comments of tickets, which when submitted will render in the
emails sent to all users on that ticket.
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
Affected products
Issuetrak · IssuetrakWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →