Vulnerabilities > Sitracker > Support Incident Tracker > 3.67
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-01-02 | CVE-2019-20223 | Cross-site Scripting vulnerability in Sitracker Support Incident Tracker 3.67 In Support Incident Tracker (SiT!) 3.67, the id parameter is affected by XSS on all endpoints that use this parameter, a related issue to CVE-2012-2235. | 4.3 |
| 2020-01-02 | CVE-2019-20222 | Cross-site Scripting vulnerability in Sitracker Support Incident Tracker 3.67 In Support Incident Tracker (SiT!) 3.67, the Short Application Name and Application Name inputs in the config.php page are affected by XSS. | 4.3 |
| 2020-01-02 | CVE-2019-20221 | Cross-site Scripting vulnerability in Sitracker Support Incident Tracker 3.67 In Support Incident Tracker (SiT!) 3.67, Load Plugins input in the config.php page is affected by XSS. | 4.3 |
| 2020-01-02 | CVE-2019-20220 | Cross-site Scripting vulnerability in Sitracker Support Incident Tracker 3.67 In Support Incident Tracker (SiT!) 3.67, the search_id parameter in the search_incidents_advanced.php page is affected by XSS. | 4.3 |