CVE-2019-20222

Description

In Support Incident Tracker (SiT!) 3.67, the Short Application Name and Application Name inputs in the config.php page are affected by XSS.

CVSS Version 3.1
CVSS Version 2.0

nvd
CVE ID: CVE-2019-20222
Base Score: 6.1
Base Severity: MEDIUM
Vector String:CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Impact Score: 2.7
Exploitability Score: 2.8

nvd
CVE ID: CVE-2019-20222
Base Score: 4.3
Base Severity: MEDIUM
Vector String:AV:N/AC:M/Au:N/C:N/I:P/A:N

Refrence: NVD

Description​

Description