Vulnerabilities Found in Support Incident Tracker
Support Incident Tracker© (SIT!) is a free, open-source, web-based application that tracks emails and technical support calls.
Affected Application: 3.64 and any previous versions.
Issue: Multiple vulnerabilities including SQL Injections and Cross-Site Scripting were discovered in the SiT! application. These vulnerabilities could let attackers execute unintended commands, access unauthorized data, hijack user sessions, or redirect users to malicious sites.
Resolution: An update for SiT! is available. For more information, visit the vendor’s website: http://sitracker.org/wiki/Download#3.65.
This information was compiled using information in the National Vulnerability Database. For more information about this issue, see the summary for CVE-2011-5073. To learn more about cross-site scripting, see Cross-Site Scripting.
Website Protection Site Scanner scans for this vulnerability, and many more. To learn about Site Scanner, see Getting Started with Website Protection Site Scanner.
Comments are closed.