XSS Vulnerability in Support Incident Tracker (SiT!) 3.67

XSS Vulnerability in Support Incident Tracker (SiT!) 3.67

CVE-2019-20221 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

In Support Incident Tracker (SiT!) 3.67, Load Plugins input in the config.php page is affected by XSS. The XSS payload is, for example, executed on the about.php page.

Learn more about our Web Application Penetration Testing UK.