CVE-2012-2235
Sitracker Support Incident Tracker < 3.65 - XSS
Title source: ruleDescription
Cross-site scripting (XSS) vulnerability in Support Incident Tracker (SiT!) 3.65 and earlier allows remote attackers to inject arbitrary web script or HTML via the id parameter to index.php, which is not properly handled in an error message.
Scores
EPSS
0.0022
EPSS Percentile
45.0%
Classification
CWE
CWE-79
Status
published
Affected Products (40)
sitracker/support_incident_tracker
< 3.65
sitracker/support_incident_tracker
sitracker/support_incident_tracker
sitracker/support_incident_tracker
sitracker/support_incident_tracker
sitracker/support_incident_tracker
sitracker/support_incident_tracker
sitracker/support_incident_tracker
sitracker/support_incident_tracker
sitracker/support_incident_tracker
sitracker/support_incident_tracker
sitracker/support_incident_tracker
sitracker/support_incident_tracker
sitracker/support_incident_tracker
sitracker/support_incident_tracker
... and 25 more
Timeline
Published
May 27, 2012
Tracked Since
Feb 18, 2026